Version Description
(2012-09-17) =
* Adjust formatting of the CREATE TABLE
statement in activate()
to prevent
WordPress' dbDelta()
from creating duplicate keys each time the plugin is
activated.
Download this release
Release Info
Developer | convissor |
Plugin | Login Security Solution |
Version | 0.29.0 |
Comparing to | |
See all releases |
Code changes from version 0.28.1 to 0.29.0
- admin.php +5 -3
- languages/login-security-solution-fr_FR.mo +0 -0
- languages/login-security-solution-fr_FR.po +1 -1
- languages/login-security-solution-pt_BR.mo +0 -0
- languages/login-security-solution-pt_BR.po +4 -4
- login-security-solution.php +2 -2
- readme.txt +6 -1
- tests/expected/fr_FR/LoginFailTest--test_process_login_fail__post_threshold +1 -1
- tests/expected/fr_FR/LoginFailTest--test_wp_login__post_breach_threshold +5 -3
- tests/expected/pt_BR/LoginFailTest--test_wp_login__post_breach_threshold +7 -5
admin.php
CHANGED
@@ -151,6 +151,8 @@ class login_security_solution_admin extends login_security_solution {
|
|
151 |
|
152 |
// Note: dbDelta() requires two spaces after "PRIMARY KEY". Werid.
|
153 |
// WP's insert/prepare/etc don't handle NULL's (at least in 3.3).
|
|
|
|
|
154 |
$sql = "CREATE TABLE `$this->table_fail` (
|
155 |
fail_id BIGINT(20) NOT NULL AUTO_INCREMENT,
|
156 |
ip VARCHAR(39) NOT NULL DEFAULT '',
|
@@ -158,9 +160,9 @@ class login_security_solution_admin extends login_security_solution {
|
|
158 |
pass_md5 varchar(64) NOT NULL DEFAULT '',
|
159 |
date_failed TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
160 |
PRIMARY KEY (fail_id),
|
161 |
-
KEY
|
162 |
-
KEY
|
163 |
-
KEY
|
164 |
)";
|
165 |
|
166 |
dbDelta($sql);
|
151 |
|
152 |
// Note: dbDelta() requires two spaces after "PRIMARY KEY". Werid.
|
153 |
// WP's insert/prepare/etc don't handle NULL's (at least in 3.3).
|
154 |
+
// It also requires the keys to be named and there to be no space
|
155 |
+
// the column name and the key length.
|
156 |
$sql = "CREATE TABLE `$this->table_fail` (
|
157 |
fail_id BIGINT(20) NOT NULL AUTO_INCREMENT,
|
158 |
ip VARCHAR(39) NOT NULL DEFAULT '',
|
160 |
pass_md5 varchar(64) NOT NULL DEFAULT '',
|
161 |
date_failed TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
162 |
PRIMARY KEY (fail_id),
|
163 |
+
KEY ip (ip(9)),
|
164 |
+
KEY user_login (user_login(5)),
|
165 |
+
KEY pass_md5 (pass_md5(10))
|
166 |
)";
|
167 |
|
168 |
dbDelta($sql);
|
languages/login-security-solution-fr_FR.mo
CHANGED
Binary file
|
languages/login-security-solution-fr_FR.po
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
-
"Project-Id-Version: Login Security Solution 0.
|
4 |
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
|
5 |
"solution\n"
|
6 |
"POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
+
"Project-Id-Version: Login Security Solution 0.29.0\n"
|
4 |
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
|
5 |
"solution\n"
|
6 |
"POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
|
languages/login-security-solution-pt_BR.mo
CHANGED
Binary file
|
languages/login-security-solution-pt_BR.po
CHANGED
@@ -1,10 +1,10 @@
|
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
-
"Project-Id-Version: Login Security Solution 0.
|
4 |
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
|
5 |
"solution\n"
|
6 |
"POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
|
7 |
-
"PO-Revision-Date: 2012-09-15
|
8 |
"Last-Translator: Valdir Trombini <valdirtrombini@hotmail.com>\n"
|
9 |
"Language-Team: Valdir Trombini <valdirtrombini@hotmail.com>\n"
|
10 |
"MIME-Version: 1.0\n"
|
@@ -538,7 +538,7 @@ msgstr "INVASÃO EM POTENCIAL %s"
|
|
538 |
|
539 |
#: login-security-solution.php:1852
|
540 |
msgid "Your website, %s, may have been broken in to."
|
541 |
-
msgstr "Seu website
|
542 |
|
543 |
#: login-security-solution.php:1855
|
544 |
msgid ""
|
@@ -586,7 +586,7 @@ msgid ""
|
|
586 |
"in? We are asking because the site happens to be under attack at the moment."
|
587 |
msgstr ""
|
588 |
"Alguém acaba de se conectar em sua conta '%s'. Foi você que se conectou %s? "
|
589 |
-
"Estamos perguntando porque o site pode estar sob ataque neste momento"
|
590 |
|
591 |
#: login-security-solution.php:1894
|
592 |
msgid "If it was NOT YOU, please do the following right away:"
|
1 |
msgid ""
|
2 |
msgstr ""
|
3 |
+
"Project-Id-Version: Login Security Solution 0.29.0\n"
|
4 |
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
|
5 |
"solution\n"
|
6 |
"POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
|
7 |
+
"PO-Revision-Date: 2012-09-15 21:49:00-04:00\n"
|
8 |
"Last-Translator: Valdir Trombini <valdirtrombini@hotmail.com>\n"
|
9 |
"Language-Team: Valdir Trombini <valdirtrombini@hotmail.com>\n"
|
10 |
"MIME-Version: 1.0\n"
|
538 |
|
539 |
#: login-security-solution.php:1852
|
540 |
msgid "Your website, %s, may have been broken in to."
|
541 |
+
msgstr "Seu website, %s, pode ter sido arrombado e invadido."
|
542 |
|
543 |
#: login-security-solution.php:1855
|
544 |
msgid ""
|
586 |
"in? We are asking because the site happens to be under attack at the moment."
|
587 |
msgstr ""
|
588 |
"Alguém acaba de se conectar em sua conta '%s'. Foi você que se conectou %s? "
|
589 |
+
"Estamos perguntando porque o site pode estar sob ataque neste momento."
|
590 |
|
591 |
#: login-security-solution.php:1894
|
592 |
msgid "If it was NOT YOU, please do the following right away:"
|
login-security-solution.php
CHANGED
@@ -6,7 +6,7 @@
|
|
6 |
* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
|
7 |
*
|
8 |
* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
-
* Version: 0.
|
10 |
* (Remember to change the VERSION constant, below, as well!)
|
11 |
* Author: Daniel Convissor
|
12 |
* Author URI: http://www.analysisandsolutions.com/
|
@@ -42,7 +42,7 @@ class login_security_solution {
|
|
42 |
/**
|
43 |
* This plugin's version
|
44 |
*/
|
45 |
-
const VERSION = '0.
|
46 |
|
47 |
/**
|
48 |
* This plugin's table name prefix
|
6 |
* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
|
7 |
*
|
8 |
* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
+
* Version: 0.29.0
|
10 |
* (Remember to change the VERSION constant, below, as well!)
|
11 |
* Author: Daniel Convissor
|
12 |
* Author URI: http://www.analysisandsolutions.com/
|
42 |
/**
|
43 |
* This plugin's version
|
44 |
*/
|
45 |
+
const VERSION = '0.29.0';
|
46 |
|
47 |
/**
|
48 |
* This plugin's table name prefix
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danie
|
|
4 |
Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, lockdown, ban, brute force, brute, force, authentication, auth, cookie, users
|
5 |
Requires at least: 3.3
|
6 |
Tested up to: 3.4.1
|
7 |
-
Stable tag: 0.
|
8 |
|
9 |
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.
|
10 |
|
@@ -364,6 +364,11 @@ implementation, use the scripts I made for generating all of the `.po` and
|
|
364 |
|
365 |
== Changelog ==
|
366 |
|
|
|
|
|
|
|
|
|
|
|
367 |
= 0.28.1 (2012-09-15) =
|
368 |
* Update `.mo` translation files.
|
369 |
|
4 |
Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, lockdown, ban, brute force, brute, force, authentication, auth, cookie, users
|
5 |
Requires at least: 3.3
|
6 |
Tested up to: 3.4.1
|
7 |
+
Stable tag: 0.29.0
|
8 |
|
9 |
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.
|
10 |
|
364 |
|
365 |
== Changelog ==
|
366 |
|
367 |
+
= 0.29.0 (2012-09-17) =
|
368 |
+
* Adjust formatting of the `CREATE TABLE` statement in `activate()` to prevent
|
369 |
+
WordPress' `dbDelta()` from creating duplicate keys each time the plugin is
|
370 |
+
activated.
|
371 |
+
|
372 |
= 0.28.1 (2012-09-15) =
|
373 |
* Update `.mo` translation files.
|
374 |
|
tests/expected/fr_FR/LoginFailTest--test_process_login_fail__post_threshold
CHANGED
@@ -9,7 +9,7 @@ Au moins %d tentatives infructueuses de connexion au cours des dernières %d min
|
|
9 |
Composant Nombre Valeur de la tentative courante
|
10 |
------------------------ ----- --------------------------------
|
11 |
Réseau IP 4 1.2.38
|
12 |
-
|
13 |
MD5 du mot de passe %d %s
|
14 |
|
15 |
Le plugin %s (%s) pour WordPress pare l'attaque en ralentissant la réponse à chaque tentative échouée.
|
9 |
Composant Nombre Valeur de la tentative courante
|
10 |
------------------------ ----- --------------------------------
|
11 |
Réseau IP 4 1.2.38
|
12 |
+
Identifiant 4 test
|
13 |
MD5 du mot de passe %d %s
|
14 |
|
15 |
Le plugin %s (%s) pour WordPress pare l'attaque en ralentissant la réponse à chaque tentative échouée.
|
tests/expected/fr_FR/LoginFailTest--test_wp_login__post_breach_threshold
CHANGED
@@ -9,17 +9,19 @@ Quelqu'un vient de se connecter avec les données qui suivent. Avant cela, plusi
|
|
9 |
Composant Nombre Valeur de la tentative courante
|
10 |
------------------------ ----- --------------------------------
|
11 |
Réseau IP 4 1.2.38
|
12 |
-
|
13 |
MD5 du mot de passe %d %s
|
14 |
|
15 |
L'utilisateur à été déconnecté et il devra confirmer son identité via le processus de changement de mot de passe.
|
16 |
|
17 |
Ce message provient du plugin Login Security Solution (%s) pour WordPress.
|
18 |
To: %a
|
19 |
-
Subject:
|
20 |
|
21 |
Quelqu'un a %s vient de se connecter en tant que '%s'. Était-ce vous? Nous vous posons la question parce que le site semble subir une attaque.
|
22 |
|
23 |
Si ce n'était PAS VOUS, veuillez suivre ces consignes au plus vite:
|
24 |
-
1) Connectez vous à
|
25 |
2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui vous êtes connecté récemment.
|
|
|
|
9 |
Composant Nombre Valeur de la tentative courante
|
10 |
------------------------ ----- --------------------------------
|
11 |
Réseau IP 4 1.2.38
|
12 |
+
Identifiant 4 test
|
13 |
MD5 du mot de passe %d %s
|
14 |
|
15 |
L'utilisateur à été déconnecté et il devra confirmer son identité via le processus de changement de mot de passe.
|
16 |
|
17 |
Ce message provient du plugin Login Security Solution (%s) pour WordPress.
|
18 |
To: %a
|
19 |
+
Subject: ASSUREZ VOUS D'ÊTRE CONNECTÉ À %a
|
20 |
|
21 |
Quelqu'un a %s vient de se connecter en tant que '%s'. Était-ce vous? Nous vous posons la question parce que le site semble subir une attaque.
|
22 |
|
23 |
Si ce n'était PAS VOUS, veuillez suivre ces consignes au plus vite:
|
24 |
+
1) Connectez vous à le site et changez votre mot de passe.
|
25 |
2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui vous êtes connecté récemment.
|
26 |
+
|
27 |
+
si C'ÉTAIT VOUS, pour évitez les soucis connectez vous au site, rendez vous sur votre page de profil, et cliquez sur le bouton '%s'. Le site enregistrera votre adresse IP comme légitime.
|
tests/expected/pt_BR/LoginFailTest--test_wp_login__post_breach_threshold
CHANGED
@@ -1,7 +1,7 @@
|
|
1 |
To: %a
|
2 |
Subject: INVASÃO EM POTENCIAL %s
|
3 |
|
4 |
-
Seu website
|
5 |
|
6 |
Alguém acabou logado com os seguintes componentes. Antes disso, uma combinação desses componentes eram uma parte de %d tentativas para iniciar sessão durante os últimos %d minutos:
|
7 |
|
@@ -16,10 +16,12 @@ O usuário foi desconectado e será obrigado a confirmar sua identidade através
|
|
16 |
|
17 |
Esta mensagem é proveniente do plugin Login Security Solution (%s) do seu WordPress.
|
18 |
To: %a
|
19 |
-
Subject:
|
20 |
|
21 |
-
Alguém
|
22 |
|
23 |
-
Se NÃO
|
24 |
-
1)
|
25 |
2) Enviar um e-mail para %s, deixando que ele saiba que não foi você que fez o acesso.
|
|
|
|
1 |
To: %a
|
2 |
Subject: INVASÃO EM POTENCIAL %s
|
3 |
|
4 |
+
Seu website, %s, pode ter sido arrombado e invadido.
|
5 |
|
6 |
Alguém acabou logado com os seguintes componentes. Antes disso, uma combinação desses componentes eram uma parte de %d tentativas para iniciar sessão durante os últimos %d minutos:
|
7 |
|
16 |
|
17 |
Esta mensagem é proveniente do plugin Login Security Solution (%s) do seu WordPress.
|
18 |
To: %a
|
19 |
+
Subject: VERIFIQUE SE VOCÊ ESTÁ CONECTADO PARA %a
|
20 |
|
21 |
+
Alguém acaba de se conectar em sua conta '%s'. Foi você que se conectou %s? Estamos perguntando porque o site pode estar sob ataque neste momento.
|
22 |
|
23 |
+
Se NÃO é VOCÊ, por favor, faça o seguinte de imediato:
|
24 |
+
1) Efetue login no site e altere a sua senha.
|
25 |
2) Enviar um e-mail para %s, deixando que ele saiba que não foi você que fez o acesso.
|
26 |
+
|
27 |
+
Se FOI VOCÊ, pode ser reduzido os aborrecimentos futuros para entrar no site, vá para página do seu prefil e clique no botão '%s'. O site vai se lembrar do seu endereço IP como sendo legítimo.
|