Support » Plugins and Hacks » [Plugin: Members Only] Is there any way to bypass?

[Plugin: Members Only] Is there any way to bypass?

  • Hi, I’m using WP 2.6 and Members Only 0.6.5 (both are latest)
    I’m also using WassUp plugins to track visitors and also the logins.

    However, I notice something strange: there are IPs which are not logged in (Username not shown), but still visiting pages. Look at this: 2008-07-31 20:13:40
    Referrer: Direct hit
    Hostname: adsl-dynamic-pool-xxx.fpt.vn

    * User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2008070208 Firefox/3.0.1

    * vn OS: WinXP
    * BROWSER: Firefox 3.0

    * 20:11:06 ->/wp/D06TransTeam/wp-login.php?redirect_to=/wp/D06TransTeam/
    * 20:11:18 ->/wp/D06TransTeam/wp-login.php
    * 20:11:28 ->/wp/D06TransTeam/wp-login.php
    * 20:12:59 ->/wp/D06TransTeam/?p=156
    * 20:13:40 ->/wp/D06TransTeam/?p=158

    p=XXX is my blog entries.
    He/She is even visiting the latest entry, which I wrote AFTER fixing security measures mentioned in the WP Security Scan Plugin. The post ID 158 is entered, so he/she must know before hand that that post exists.
    I don’t know why this happens. The IP is of another ISP in MY COUNTRY, so it’s not some function from my plugin or anything else.
    This is too dangerous.

  • The topic ‘[Plugin: Members Only] Is there any way to bypass?’ is closed to new replies.