Version Description
- Add a script for turning our "Disable Logins" feature on and off from the command line.
Download this release
Release Info
Developer | convissor |
Plugin | Login Security Solution |
Version | 0.13.0 |
Comparing to | |
See all releases |
Code changes from version 0.12.0 to 0.13.0
- login-security-solution.php +1 -1
- readme.txt +11 -6
- utilities/disable_logins_setter.php +51 -0
login-security-solution.php
CHANGED
@@ -6,7 +6,7 @@
|
|
6 |
* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
|
7 |
*
|
8 |
* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
-
* Version: 0.
|
10 |
* Author: Daniel Convissor
|
11 |
* Author URI: http://www.analysisandsolutions.com/
|
12 |
* License: GPLv2
|
6 |
* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
|
7 |
*
|
8 |
* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
+
* Version: 0.13.0
|
10 |
* Author: Daniel Convissor
|
11 |
* Author URI: http://www.analysisandsolutions.com/
|
12 |
* License: GPLv2
|
readme.txt
CHANGED
@@ -1,10 +1,10 @@
|
|
1 |
=== Login Security Solution ===
|
2 |
Contributors: convissor
|
3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danielc%40analysisandsolutions%2ecom&lc=US&item_name=Donate%3a%20Login%20Security%20Solution¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
4 |
-
Tags: login, password, idle, timeout, maintenance, security, attack, hack, lock, ban
|
5 |
Requires at least: 3.3
|
6 |
Tested up to: 3.4.1
|
7 |
-
Stable tag: 0.
|
8 |
|
9 |
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode. Multisite ready!
|
10 |
|
@@ -28,7 +28,7 @@ legitimate users or administrators
|
|
28 |
+ Can notify the administrator of attacks and breaches
|
29 |
+ Supports IPv6
|
30 |
|
31 |
-
* Thoroughly examines
|
32 |
UTF-8 character set support if PHP's `mbstring` extension is enabled.
|
33 |
The tests have caught every password dictionary entry I've tried.
|
34 |
+ Minimum length (customizable)
|
@@ -102,8 +102,9 @@ that pushes malware into your readers' browsers.
|
|
102 |
So if your site does get cracked, not only do you waste hours cleaning up,
|
103 |
your reputation gets sullied, security software flags your site as dangerous,
|
104 |
and worst of all, you've inadvertently helped infect the computers of your
|
105 |
-
clients and friends. Oh, and
|
106 |
-
|
|
|
107 |
|
108 |
= Compatability with Other Plugins =
|
109 |
|
@@ -189,7 +190,7 @@ conflicts during program execution. Please read the FAQ!
|
|
189 |
doing so is accessible via a link in this plugin's entry on
|
190 |
WordPress' "Plugins" page.
|
191 |
|
192 |
-
1. Ensure your password
|
193 |
|
194 |
|
195 |
= Unit Tests =
|
@@ -272,6 +273,10 @@ then `cd` into that directory and run:
|
|
272 |
|
273 |
== Changelog ==
|
274 |
|
|
|
|
|
|
|
|
|
275 |
= 0.12.0 =
|
276 |
* Display a notice on top of admin pages when our maintenance mode is enabled.
|
277 |
|
1 |
=== Login Security Solution ===
|
2 |
Contributors: convissor
|
3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danielc%40analysisandsolutions%2ecom&lc=US&item_name=Donate%3a%20Login%20Security%20Solution¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
4 |
+
Tags: login, password, passwords, strength, strong, idle, timeout, maintenance, security, attack, hack, lock, ban
|
5 |
Requires at least: 3.3
|
6 |
Tested up to: 3.4.1
|
7 |
+
Stable tag: 0.13.0
|
8 |
|
9 |
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode. Multisite ready!
|
10 |
|
28 |
+ Can notify the administrator of attacks and breaches
|
29 |
+ Supports IPv6
|
30 |
|
31 |
+
* Thoroughly examines and enforces password strength. Includes full
|
32 |
UTF-8 character set support if PHP's `mbstring` extension is enabled.
|
33 |
The tests have caught every password dictionary entry I've tried.
|
34 |
+ Minimum length (customizable)
|
102 |
So if your site does get cracked, not only do you waste hours cleaning up,
|
103 |
your reputation gets sullied, security software flags your site as dangerous,
|
104 |
and worst of all, you've inadvertently helped infect the computers of your
|
105 |
+
clients and friends. Oh, and if the attack involves malware, that malware
|
106 |
+
has probably gotten itself into your computer.
|
107 |
+
|
108 |
|
109 |
= Compatability with Other Plugins =
|
110 |
|
190 |
doing so is accessible via a link in this plugin's entry on
|
191 |
WordPress' "Plugins" page.
|
192 |
|
193 |
+
1. Ensure your password strength by changing it.
|
194 |
|
195 |
|
196 |
= Unit Tests =
|
273 |
|
274 |
== Changelog ==
|
275 |
|
276 |
+
= 0.13.0 =
|
277 |
+
* Add a script for turning our "Disable Logins" feature on and off from the
|
278 |
+
command line.
|
279 |
+
|
280 |
= 0.12.0 =
|
281 |
* Display a notice on top of admin pages when our maintenance mode is enabled.
|
282 |
|
utilities/disable_logins_setter.php
ADDED
@@ -0,0 +1,51 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
/**
|
4 |
+
* A script for enabling and disabling the Disable Logins feature of
|
5 |
+
* the Login Security Solution WordPress plugin
|
6 |
+
*
|
7 |
+
* @package login-security-solution
|
8 |
+
* @link http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
+
* @license http://www.gnu.org/licenses/gpl-2.0.html GPLv2
|
10 |
+
* @author Daniel Convissor <danielc@analysisandsolutions.com>
|
11 |
+
* @copyright The Analysis and Solutions Company, 2012
|
12 |
+
*/
|
13 |
+
|
14 |
+
$option_name = 'login-security-solution-options';
|
15 |
+
|
16 |
+
|
17 |
+
function usage() {
|
18 |
+
echo "Usage: disable_logins_setter.php <enabled>\n";
|
19 |
+
echo " @param int enabled should logins be disabled? 1 = yes, 0 = no.\n";
|
20 |
+
echo "\nAuthor: Daniel Convissor <danielc@analysisandsolutions.com>\n";
|
21 |
+
echo "License: http://www.analysisandsolutions.com/software/license.htm\n";
|
22 |
+
echo "Link: http://wordpress.org/extend/plugins/login-security-solution/\n";
|
23 |
+
exit(1);
|
24 |
+
}
|
25 |
+
|
26 |
+
if (!isset($_SERVER['argv'][1])) {
|
27 |
+
usage();
|
28 |
+
} else {
|
29 |
+
$enabled = $_SERVER['argv'][1];
|
30 |
+
if ($enabled !== '0' && $enabled !== '1') {
|
31 |
+
usage();
|
32 |
+
}
|
33 |
+
}
|
34 |
+
|
35 |
+
|
36 |
+
/*
|
37 |
+
* Uses dirname(__FILE__) because "./" can be stripped by PHP's
|
38 |
+
* safety settings and __DIR__ was introduced in PHP 5.3.
|
39 |
+
*/
|
40 |
+
$util_dir = realpath(dirname(__FILE__));
|
41 |
+
$root_dir = "$util_dir/../../../..";
|
42 |
+
|
43 |
+
/** Gather WordPress infrastructure */
|
44 |
+
require_once "$root_dir/wp-load.php";
|
45 |
+
|
46 |
+
$option_value = get_option($option_name);
|
47 |
+
$option_value['disable_logins'] = $enabled;
|
48 |
+
if (!update_option($option_name, $option_value)) {
|
49 |
+
echo "ERROR: updating the option had a problem.\n";
|
50 |
+
exit(1);
|
51 |
+
}
|