Version Description
- Protection against brute force attacks using Auth Cookies
Download this release
Release Info
Developer | Jan-Paul Kleemans |
Plugin | Brute Force Login Protection |
Version | 1.3 |
Comparing to | |
See all releases |
Code changes from version 1.2 to 1.3
- brute-force-login-protection.php +11 -1
- readme.txt +6 -2
brute-force-login-protection.php
CHANGED
@@ -10,7 +10,7 @@ require_once ABSPATH . '/wp-admin/includes/file.php';
|
|
10 |
* Text Domain: brute-force-login-protection
|
11 |
* Author: Jan-Paul Kleemans
|
12 |
* Author URI: http://profiles.wordpress.org/jan-paul-kleemans/
|
13 |
-
* Version: 1.
|
14 |
* License: GPL2
|
15 |
*
|
16 |
* Copyright 2014 Jan-Paul Kleemans
|
@@ -48,6 +48,10 @@ class BruteForceLoginProtection {
|
|
48 |
//Login hooks
|
49 |
add_action('wp_login_failed', array($this, 'loginFailed'));
|
50 |
add_action('wp_login', array($this, 'loginSucceeded'));
|
|
|
|
|
|
|
|
|
51 |
}
|
52 |
|
53 |
/**
|
@@ -72,6 +76,7 @@ class BruteForceLoginProtection {
|
|
72 |
* @return void
|
73 |
*/
|
74 |
public function adminInit() {
|
|
|
75 |
$this->__registerOptions();
|
76 |
}
|
77 |
|
@@ -81,10 +86,12 @@ class BruteForceLoginProtection {
|
|
81 |
* @return void
|
82 |
*/
|
83 |
public function menuInit() {
|
|
|
84 |
add_options_page(__('Brute Force Login Protection Settings', 'brute-force-login-protection'), 'Brute Force Login Protection', 'manage_options', 'brute-force-login-protection', array($this, 'showSettingsPage'));
|
85 |
}
|
86 |
|
87 |
/**
|
|
|
88 |
* Adds base lines to .htaccess and resets commented denies.
|
89 |
*
|
90 |
* @return boolean
|
@@ -106,6 +113,7 @@ class BruteForceLoginProtection {
|
|
106 |
}
|
107 |
|
108 |
/**
|
|
|
109 |
* Comments out all denies in .htaccess.
|
110 |
*
|
111 |
* @return boolean
|
@@ -169,6 +177,7 @@ class BruteForceLoginProtection {
|
|
169 |
}
|
170 |
|
171 |
/**
|
|
|
172 |
* Increase number of attempts for clients IP. Deny IP if max attempts is reached.
|
173 |
*
|
174 |
* @return void
|
@@ -211,6 +220,7 @@ class BruteForceLoginProtection {
|
|
211 |
}
|
212 |
|
213 |
/**
|
|
|
214 |
* Removes IP from bflp_login_attempts if exist.
|
215 |
*
|
216 |
* @return void
|
10 |
* Text Domain: brute-force-login-protection
|
11 |
* Author: Jan-Paul Kleemans
|
12 |
* Author URI: http://profiles.wordpress.org/jan-paul-kleemans/
|
13 |
+
* Version: 1.3
|
14 |
* License: GPL2
|
15 |
*
|
16 |
* Copyright 2014 Jan-Paul Kleemans
|
48 |
//Login hooks
|
49 |
add_action('wp_login_failed', array($this, 'loginFailed'));
|
50 |
add_action('wp_login', array($this, 'loginSucceeded'));
|
51 |
+
|
52 |
+
//Auth cookie hooks
|
53 |
+
add_action('auth_cookie_bad_username', array($this, 'loginFailed'));
|
54 |
+
add_action('auth_cookie_bad_hash', array($this, 'loginFailed'));
|
55 |
}
|
56 |
|
57 |
/**
|
76 |
* @return void
|
77 |
*/
|
78 |
public function adminInit() {
|
79 |
+
//Register plugin settings
|
80 |
$this->__registerOptions();
|
81 |
}
|
82 |
|
86 |
* @return void
|
87 |
*/
|
88 |
public function menuInit() {
|
89 |
+
//Add settings page to the Settings menu
|
90 |
add_options_page(__('Brute Force Login Protection Settings', 'brute-force-login-protection'), 'Brute Force Login Protection', 'manage_options', 'brute-force-login-protection', array($this, 'showSettingsPage'));
|
91 |
}
|
92 |
|
93 |
/**
|
94 |
+
* Called When the plugin is activated
|
95 |
* Adds base lines to .htaccess and resets commented denies.
|
96 |
*
|
97 |
* @return boolean
|
113 |
}
|
114 |
|
115 |
/**
|
116 |
+
* Called When the plugin is deactivated
|
117 |
* Comments out all denies in .htaccess.
|
118 |
*
|
119 |
* @return boolean
|
177 |
}
|
178 |
|
179 |
/**
|
180 |
+
* Called when a user login has failed
|
181 |
* Increase number of attempts for clients IP. Deny IP if max attempts is reached.
|
182 |
*
|
183 |
* @return void
|
220 |
}
|
221 |
|
222 |
/**
|
223 |
+
* Called when a user has successfully logged in
|
224 |
* Removes IP from bflp_login_attempts if exist.
|
225 |
*
|
226 |
* @return void
|
readme.txt
CHANGED
@@ -3,7 +3,7 @@ Contributors: Jan-Paul Kleemans
|
|
3 |
Tags: brute force, bruteforce, login, wp-login, protection, shield, security, htaccess, block, ip
|
4 |
Requires at least: 2.7.0
|
5 |
Tested up to: 3.9.1
|
6 |
-
Stable tag: 1.
|
7 |
License: GPL2
|
8 |
|
9 |
Protects your website against brute force login attacks using .htaccess
|
@@ -15,7 +15,8 @@ After a specified limit of login attempts within a specified time, the IP addres
|
|
15 |
|
16 |
Features
|
17 |
|
18 |
-
* Limit the number of allowed login attempts
|
|
|
19 |
* Manually block IP addresses
|
20 |
* Manually unblock IP addresses
|
21 |
* Option to inform user about remaining attempts on login page
|
@@ -40,6 +41,9 @@ Brute Force Login Protection will only work if your .htaccess file is writeable
|
|
40 |
1. Plugin settings page
|
41 |
|
42 |
== Changelog ==
|
|
|
|
|
|
|
43 |
= 1.2 =
|
44 |
* Option to inform user about remaining attempts on login page
|
45 |
* Ability to reset options
|
3 |
Tags: brute force, bruteforce, login, wp-login, protection, shield, security, htaccess, block, ip
|
4 |
Requires at least: 2.7.0
|
5 |
Tested up to: 3.9.1
|
6 |
+
Stable tag: 1.3
|
7 |
License: GPL2
|
8 |
|
9 |
Protects your website against brute force login attacks using .htaccess
|
15 |
|
16 |
Features
|
17 |
|
18 |
+
* Limit the number of allowed login attempts using normal login form
|
19 |
+
* Limit the number of allowed login attempts using Auth Cookies
|
20 |
* Manually block IP addresses
|
21 |
* Manually unblock IP addresses
|
22 |
* Option to inform user about remaining attempts on login page
|
41 |
1. Plugin settings page
|
42 |
|
43 |
== Changelog ==
|
44 |
+
= 1.3 =
|
45 |
+
* Protection against brute force attacks using Auth Cookies
|
46 |
+
|
47 |
= 1.2 =
|
48 |
* Option to inform user about remaining attempts on login page
|
49 |
* Ability to reset options
|