Support » Plugin: Stop Spammers » Question About How the "Blacklist searches for wp-login" Works

Viewing 5 replies - 1 through 5 (of 5 total)
  • kpgraham

    (@kpgraham)

    What the blacklist searches do is detect when someone looks for wp-login.php in the wrong place. This is usually a spider trying to find wp-login. It only blacklists it when WordPress detects a 404 error “file not found”. On every 404 it looks at REQUEST_URI, and if it has the string wp-login.php it adds to the black list. It will not affect custom login pages at all.

    As far as I can tell it only affects people trying to find the wp-login.php file and don’t know where to look. I get a few of these everyday out of thousands of spam attempts.

    Keith

    PS. Sorry this took so long, but I’ve been without internet due to Hurricane Sandy for a few days.

    MickeyRoush

    (@mickeyroush)

    Thanks for the reply and sorry for your troubles with the storm. Where I live we sometimes get the after effects of hurricanes too. So I sort of know what you’re going through.

    And your reply answered my question precisely. I was trying to figure out what exactly the code did and your explanation details it very well. Thanks again.

    How hard would it be to include wp-register.php and wp-signup.php? Or is that a bad idea?

    kpgraham

    (@kpgraham)

    I will add the register and signup files right now.

    The current new version has so many changes that I am afraid to release it. I am testing now and so far no problems, but some of the changes have a large impact on the way it works. I expect there will be an emergency release 8 hours after the release.

    Keith

    MickeyRoush

    (@mickeyroush)

    That’s awesome. Is this where I can download the latest beta?

    http://www.blogseye.com/beta-test-plugins/

    kpgraham

    (@kpgraham)

    That’s the right URL

    Keith

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Question About How the "Blacklist searches for wp-login" Works’ is closed to new replies.