WordPress.org

Support

Support » Plugins and Hacks » [Resolved] WP Login Exploits

[Resolved] WP Login Exploits

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Eli
    Participant

    @scheeeli

    Aloha Steven,
    I would be happy to help you identify any remaining threats. Once I find the threats I can add them to my definition updates so that they can be automatically removed in the future. If you are willing to give me WP Admin access to your site I can login and start by reviewing the list of potential threats. You can email me directly with the login info: eli at gotmls dot net

    Mahalo, Eli

    Plugin Author Eli
    Participant

    @scheeeli

    Aloha Steven,
    Thanks for giving me access to your site. I was able to determine that my plugin was skipping certain files because those files were empty. I have released a plugin update that provides more information about the reason for skipping files so that it will be more clear in the future why they are skipped.

    I also added more information about the wp-login.php patch that my plugin can apply. It is an optional patch that will harden the security of the login page. I highly recommend it to protect against DDoS and Brute-Force attacks.

    Other than that, your site looks clean. None of the potential threat are anything to worry about. I will continue to white-list the potential threats that I find to be safe so that there is not so much there to look into. Please let me know if you need anything else.

    Aloha, Eli

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Resolved] WP Login Exploits’ is closed to new replies.