Version Description
- Improved compatibility with WordFence.
- Better handling of HTTP_X_FORWARDED_FOR on Debug tab.
- Added option to hide warning badge.
Download this release
Release Info
Developer | wpchefgadget |
Plugin | Limit Login Attempts Reloaded |
Version | 2.25.3 |
Comparing to | |
See all releases |
Code changes from version 2.25.2 to 2.25.3
- core/LimitLoginAttempts.php +32 -13
- limit-login-attempts-reloaded.php +1 -1
- readme.txt +7 -2
- views/tab-debug.php +20 -12
- views/tab-settings.php +8 -0
core/LimitLoginAttempts.php
CHANGED
@@ -46,8 +46,9 @@ class Limit_Login_Attempts {
|
|
46 |
|
47 |
'active_app' => 'local',
|
48 |
'app_config' => '',
|
49 |
-
'show_top_level_menu_item'
|
50 |
-
'hide_dashboard_widget'
|
|
|
51 |
);
|
52 |
/**
|
53 |
* Admin options page slug
|
@@ -255,12 +256,16 @@ class Limit_Login_Attempts {
|
|
255 |
|
256 |
if ( $this->network_mode ) {
|
257 |
add_action( 'network_admin_menu', array( $this, 'network_admin_menu' ) );
|
258 |
-
|
|
|
|
|
259 |
}
|
260 |
|
261 |
if ( $this->allow_local_options ) {
|
262 |
add_action( 'admin_menu', array( $this, 'admin_menu' ) );
|
263 |
-
|
|
|
|
|
264 |
}
|
265 |
|
266 |
// Add notices for XMLRPC request
|
@@ -278,9 +283,10 @@ class Limit_Login_Attempts {
|
|
278 |
add_action( 'authenticate', array( $this, 'authenticate_filter' ), 5, 3 );
|
279 |
|
280 |
/**
|
281 |
-
* BuddyPress unactivated user account message
|
|
|
282 |
*/
|
283 |
-
add_action( 'authenticate', array( $this, '
|
284 |
|
285 |
add_action('wp_ajax_limit-login-unlock', array( $this, 'ajax_unlock' ) );
|
286 |
|
@@ -559,21 +565,31 @@ class Limit_Login_Attempts {
|
|
559 |
}
|
560 |
|
561 |
/**
|
562 |
-
*
|
563 |
-
|
564 |
* @param $user
|
565 |
* @param $username
|
566 |
* @param $password
|
567 |
* @return mixed
|
568 |
*/
|
569 |
-
public function
|
570 |
|
571 |
if ( ! empty( $username ) && ! empty( $password ) ) {
|
572 |
|
573 |
-
if(is_wp_error($user)
|
|
|
|
|
|
|
574 |
|
575 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
576 |
}
|
|
|
577 |
}
|
578 |
return $user;
|
579 |
}
|
@@ -682,8 +698,10 @@ class Limit_Login_Attempts {
|
|
682 |
|
683 |
private function menu_alert_icon() {
|
684 |
|
685 |
-
if( !empty( $_COOKIE['llar_menu_alert_icon_shown'] ) ||
|
686 |
-
|
|
|
|
|
687 |
|
688 |
$retries_count = 0;
|
689 |
$retries_stats = $this->get_option( 'retries_stats' );
|
@@ -1745,6 +1763,7 @@ into a must-use (MU) folder. You can read more <a href="%s" target="_blank">here
|
|
1745 |
|
1746 |
$this->update_option('show_top_level_menu_item', ( isset( $_POST['show_top_level_menu_item'] ) ? 1 : 0 ) );
|
1747 |
$this->update_option('hide_dashboard_widget', ( isset( $_POST['hide_dashboard_widget'] ) ? 1 : 0 ) );
|
|
|
1748 |
|
1749 |
$this->update_option('allowed_retries', (int)$_POST['allowed_retries'] );
|
1750 |
$this->update_option('lockout_duration', (int)$_POST['lockout_duration'] * 60 );
|
46 |
|
47 |
'active_app' => 'local',
|
48 |
'app_config' => '',
|
49 |
+
'show_top_level_menu_item' => true,
|
50 |
+
'hide_dashboard_widget' => false,
|
51 |
+
'show_warning_badge' => true,
|
52 |
);
|
53 |
/**
|
54 |
* Admin options page slug
|
256 |
|
257 |
if ( $this->network_mode ) {
|
258 |
add_action( 'network_admin_menu', array( $this, 'network_admin_menu' ) );
|
259 |
+
|
260 |
+
if( $this->get_option( 'show_warning_badge' ) )
|
261 |
+
add_action( 'network_admin_menu', array( $this, 'network_setting_menu_alert_icon' ) );
|
262 |
}
|
263 |
|
264 |
if ( $this->allow_local_options ) {
|
265 |
add_action( 'admin_menu', array( $this, 'admin_menu' ) );
|
266 |
+
|
267 |
+
if( $this->get_option( 'show_warning_badge' ) )
|
268 |
+
add_action( 'admin_menu', array( $this, 'setting_menu_alert_icon' ) );
|
269 |
}
|
270 |
|
271 |
// Add notices for XMLRPC request
|
283 |
add_action( 'authenticate', array( $this, 'authenticate_filter' ), 5, 3 );
|
284 |
|
285 |
/**
|
286 |
+
* BuddyPress unactivated user account message fix
|
287 |
+
* Wordfence error message fix
|
288 |
*/
|
289 |
+
add_action( 'authenticate', array( $this, 'authenticate_filter_errors_fix' ), 35, 3 );
|
290 |
|
291 |
add_action('wp_ajax_limit-login-unlock', array( $this, 'ajax_unlock' ) );
|
292 |
|
565 |
}
|
566 |
|
567 |
/**
|
568 |
+
* Fix displaying the errors of other plugins
|
569 |
+
*
|
570 |
* @param $user
|
571 |
* @param $username
|
572 |
* @param $password
|
573 |
* @return mixed
|
574 |
*/
|
575 |
+
public function authenticate_filter_errors_fix( $user, $username, $password ) {
|
576 |
|
577 |
if ( ! empty( $username ) && ! empty( $password ) ) {
|
578 |
|
579 |
+
if( is_wp_error($user) ) {
|
580 |
+
|
581 |
+
// BuddyPress errors
|
582 |
+
if( in_array('bp_account_not_activated', $user->get_error_codes() ) ) {
|
583 |
|
584 |
+
$this->other_login_errors[] = $user->get_error_message('bp_account_not_activated');
|
585 |
+
}
|
586 |
+
// Wordfence errors
|
587 |
+
else if( in_array('wfls_captcha_verify', $user->get_error_codes() ) ) {
|
588 |
+
|
589 |
+
$this->other_login_errors[] = $user->get_error_message('wfls_captcha_verify');
|
590 |
+
}
|
591 |
}
|
592 |
+
|
593 |
}
|
594 |
return $user;
|
595 |
}
|
698 |
|
699 |
private function menu_alert_icon() {
|
700 |
|
701 |
+
if( !empty( $_COOKIE['llar_menu_alert_icon_shown'] ) ||
|
702 |
+
$this->get_option( 'active_app' ) !== 'local' ||
|
703 |
+
!$this->get_option( 'show_warning_badge' ) )
|
704 |
+
return '';
|
705 |
|
706 |
$retries_count = 0;
|
707 |
$retries_stats = $this->get_option( 'retries_stats' );
|
1763 |
|
1764 |
$this->update_option('show_top_level_menu_item', ( isset( $_POST['show_top_level_menu_item'] ) ? 1 : 0 ) );
|
1765 |
$this->update_option('hide_dashboard_widget', ( isset( $_POST['hide_dashboard_widget'] ) ? 1 : 0 ) );
|
1766 |
+
$this->update_option('show_warning_badge', ( isset( $_POST['show_warning_badge'] ) ? 1 : 0 ) );
|
1767 |
|
1768 |
$this->update_option('allowed_retries', (int)$_POST['allowed_retries'] );
|
1769 |
$this->update_option('lockout_duration', (int)$_POST['lockout_duration'] * 60 );
|
limit-login-attempts-reloaded.php
CHANGED
@@ -5,7 +5,7 @@ Description: Block excessive login attempts and protect your site against brute
|
|
5 |
Author: Limit Login Attempts Reloaded
|
6 |
Author URI: https://www.limitloginattempts.com/
|
7 |
Text Domain: limit-login-attempts-reloaded
|
8 |
-
Version: 2.25.
|
9 |
|
10 |
Copyright 2008 - 2012 Johan Eenfeldt, 2016 - 2022 Limit Login Attempts Reloaded
|
11 |
*/
|
5 |
Author: Limit Login Attempts Reloaded
|
6 |
Author URI: https://www.limitloginattempts.com/
|
7 |
Text Domain: limit-login-attempts-reloaded
|
8 |
+
Version: 2.25.3
|
9 |
|
10 |
Copyright 2008 - 2012 Johan Eenfeldt, 2016 - 2022 Limit Login Attempts Reloaded
|
11 |
*/
|
readme.txt
CHANGED
@@ -3,8 +3,8 @@ Contributors: wpchefgadget
|
|
3 |
Donate link: https://www.paypal.com/donate?hosted_button_id=FKD4MYFCMNVQQ
|
4 |
Tags: brute force, login, security, firewall, protection
|
5 |
Requires at least: 3.0
|
6 |
-
Tested up to:
|
7 |
-
Stable tag: 2.25.
|
8 |
|
9 |
Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.
|
10 |
|
@@ -98,6 +98,11 @@ Please follow this link: <a href="https://www.limitloginattempts.com/resources/"
|
|
98 |
|
99 |
== Changelog ==
|
100 |
|
|
|
|
|
|
|
|
|
|
|
101 |
= 2.25.2 =
|
102 |
* Security indicator fixed for multisite.
|
103 |
|
3 |
Donate link: https://www.paypal.com/donate?hosted_button_id=FKD4MYFCMNVQQ
|
4 |
Tags: brute force, login, security, firewall, protection
|
5 |
Requires at least: 3.0
|
6 |
+
Tested up to: 6.0
|
7 |
+
Stable tag: 2.25.3
|
8 |
|
9 |
Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.
|
10 |
|
98 |
|
99 |
== Changelog ==
|
100 |
|
101 |
+
= 2.25.3 =
|
102 |
+
* Improved compatibility with WordFence.
|
103 |
+
* Better handling of HTTP_X_FORWARDED_FOR on Debug tab.
|
104 |
+
* Added option to hide warning badge.
|
105 |
+
|
106 |
= 2.25.2 =
|
107 |
* Security indicator fixed for multisite.
|
108 |
|
views/tab-debug.php
CHANGED
@@ -9,26 +9,34 @@ if( !defined( 'ABSPATH' ) ) exit();
|
|
9 |
$debug_info = '';
|
10 |
|
11 |
$ips = $server = array();
|
|
|
12 |
foreach ($_SERVER as $key => $value) {
|
13 |
|
14 |
-
if( in_array( $key, array( 'SERVER_ADDR' ) ) ) continue;
|
15 |
|
16 |
-
|
|
|
17 |
|
18 |
-
|
19 |
|
20 |
-
$ips
|
21 |
-
|
|
|
22 |
|
23 |
-
|
24 |
-
|
25 |
-
|
26 |
-
|
27 |
-
|
|
|
|
|
|
|
|
|
|
|
28 |
}
|
29 |
|
30 |
-
foreach ($server as $server_key => $
|
31 |
-
$debug_info .= $server_key . ' = ' . $
|
32 |
}
|
33 |
?>
|
34 |
|
9 |
$debug_info = '';
|
10 |
|
11 |
$ips = $server = array();
|
12 |
+
|
13 |
foreach ($_SERVER as $key => $value) {
|
14 |
|
15 |
+
if( in_array( $key, array( 'SERVER_ADDR' ) ) || is_array( $value ) ) continue;
|
16 |
|
17 |
+
$ips_for_check = array_map( 'trim', explode( ',', $value ) );
|
18 |
+
foreach ( $ips_for_check as $ip ) {
|
19 |
|
20 |
+
if( $this->is_ip_valid( $ip ) ) {
|
21 |
|
22 |
+
if( !in_array( $ip, $ips ) ) {
|
23 |
+
$ips[] = $ip;
|
24 |
+
}
|
25 |
|
26 |
+
if( !isset( $server[$key] ) ) {
|
27 |
+
$server[$key] = '';
|
28 |
+
}
|
29 |
+
|
30 |
+
if( in_array( $ip, array( '127.0.0.1', '0.0.0.0' ) ) )
|
31 |
+
$server[$key] = $ip;
|
32 |
+
else
|
33 |
+
$server[$key] .= 'IP'.array_search( $ip, $ips ) . ',';
|
34 |
+
}
|
35 |
+
}
|
36 |
}
|
37 |
|
38 |
+
foreach ($server as $server_key => $ips ) {
|
39 |
+
$debug_info .= $server_key . ' = ' . trim( $ips, ',' ) . "\n";
|
40 |
}
|
41 |
?>
|
42 |
|
views/tab-settings.php
CHANGED
@@ -14,6 +14,7 @@ $email_checked = in_array( 'email', $v ) ? ' checked ' : '';
|
|
14 |
|
15 |
$show_top_level_menu_item = $this->get_option( 'show_top_level_menu_item' );
|
16 |
$hide_dashboard_widget = $this->get_option( 'hide_dashboard_widget' );
|
|
|
17 |
|
18 |
$admin_notify_email = $this->get_option( 'admin_notify_email' );
|
19 |
$admin_email_placeholder = (!is_multisite()) ? get_option( 'admin_email' ) : get_site_option( 'admin_email' );
|
@@ -108,6 +109,13 @@ $active_app_config = $this->get_custom_app_config();
|
|
108 |
<input type="checkbox" name="hide_dashboard_widget" <?php checked( $hide_dashboard_widget ); ?>>
|
109 |
</td>
|
110 |
</tr>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
111 |
<tr>
|
112 |
<th scope="row"
|
113 |
valign="top"><?php echo __( 'Active App', 'limit-login-attempts-reloaded' ); ?></th>
|
14 |
|
15 |
$show_top_level_menu_item = $this->get_option( 'show_top_level_menu_item' );
|
16 |
$hide_dashboard_widget = $this->get_option( 'hide_dashboard_widget' );
|
17 |
+
$show_warning_badge = $this->get_option( 'show_warning_badge' );
|
18 |
|
19 |
$admin_notify_email = $this->get_option( 'admin_notify_email' );
|
20 |
$admin_email_placeholder = (!is_multisite()) ? get_option( 'admin_email' ) : get_site_option( 'admin_email' );
|
109 |
<input type="checkbox" name="hide_dashboard_widget" <?php checked( $hide_dashboard_widget ); ?>>
|
110 |
</td>
|
111 |
</tr>
|
112 |
+
<tr>
|
113 |
+
<th scope="row"
|
114 |
+
valign="top"><?php echo __( 'Show Warning Badge', 'limit-login-attempts-reloaded' ); ?></th>
|
115 |
+
<td>
|
116 |
+
<input type="checkbox" name="show_warning_badge" <?php checked( $show_warning_badge ); ?>> <?php _e( '(Reload the page to see the changes)', 'limit-login-attempts-reloaded' ) ?>
|
117 |
+
</td>
|
118 |
+
</tr>
|
119 |
<tr>
|
120 |
<th scope="row"
|
121 |
valign="top"><?php echo __( 'Active App', 'limit-login-attempts-reloaded' ); ?></th>
|