I'm using both WassUp and Members Only at the same time.
[Plugin: Members Only] Is there any way to bypass?
Hi, I'm using WP 2.6 and Members Only 0.6.5 (both are latest)
I'm also using WassUp plugins to track visitors and also the logins.
However, I notice something strange: there are IPs which are not logged in (Username not shown), but still visiting pages. Look at this:
220.127.116.11 2008-07-31 20:13:40
Referrer: Direct hit
* User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:18.104.22.168) Gecko/2008070208 Firefox/3.0.1
* vn OS: WinXP
* BROWSER: Firefox 3.0
* 20:11:06 ->/wp/D06TransTeam/wp-login.php?redirect_to=/wp/D06TransTeam/
* 20:11:18 ->/wp/D06TransTeam/wp-login.php
* 20:11:28 ->/wp/D06TransTeam/wp-login.php
* 20:12:59 ->/wp/D06TransTeam/?p=156
* 20:13:40 ->/wp/D06TransTeam/?p=158
p=XXX is my blog entries.
He/She is even visiting the latest entry, which I wrote AFTER fixing security measures mentioned in the WP Security Scan Plugin. The post ID 158 is entered, so he/she must know before hand that that post exists.
I don't know why this happens. The IP is of another ISP in MY COUNTRY, so it's not some function from my plugin or anything else.
This is too dangerous.
My blog is a kind of private one, and some information are not meant to be shared outside the company. I've taken this into more thoughts, and also notice that those IP not recognized as users also sometimes visit the LOGOUT link. If they are not logged in users, why do they have to logout? Also, I've asked some friend goot at computer and try to find the way to break into my blog, but no way has been found out of the ordinary ways (and also tested at some advanced way). So this must be the problem of the WassUp logging system itself. Maybe it couldn't recognized some legitimate logged in users?
Thanks for reading. Hope someone knows the answer soon.