Hi, I’m using WP 2.6 and Members Only 0.6.5 (both are latest)
I’m also using WassUp plugins to track visitors and also the logins.
However, I notice something strange: there are IPs which are not logged in (Username not shown), but still visiting pages. Look at this:
18.104.22.168 2008-07-31 20:13:40
Referrer: Direct hit
* User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:22.214.171.124) Gecko/2008070208 Firefox/3.0.1
* vn OS: WinXP
* BROWSER: Firefox 3.0
* 20:11:06 ->/wp/D06TransTeam/wp-login.php?redirect_to=/wp/D06TransTeam/
* 20:11:18 ->/wp/D06TransTeam/wp-login.php
* 20:11:28 ->/wp/D06TransTeam/wp-login.php
* 20:12:59 ->/wp/D06TransTeam/?p=156
* 20:13:40 ->/wp/D06TransTeam/?p=158
p=XXX is my blog entries.
He/She is even visiting the latest entry, which I wrote AFTER fixing security measures mentioned in the WP Security Scan Plugin. The post ID 158 is entered, so he/she must know before hand that that post exists.
I don’t know why this happens. The IP is of another ISP in MY COUNTRY, so it’s not some function from my plugin or anything else.
This is too dangerous.
- The topic ‘[Plugin: Members Only] Is there any way to bypass?’ is closed to new replies.