Descripción
Limit the number of login attempts that possible both through the normal login as well as using the auth cookies.
WordPress by default allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be cracked via brute-force relatively easily.
Limit Login Attempts Reloaded blocks an Internet address from making further attempts after a specified limit on retries has been reached, making a brute-force attack difficult or impossible.
Características:
- Limit the number of retry attempts when logging in (per each IP). This is fully customizable.
- Limit the number of attempts to log in using authorization cookies in the same way.
- Informs the user about the remaining retries or lockout time on the login page.
- Optional logging and optional email notification.
- Handles server behind the reverse proxy.
- It is possible to whitelist IPs using a filter. But you probably shouldn’t do this.
¡Todos tus ajustes se mantendrán intactos!
Muchos idiomas son compatibles con el plugin Limit Login Attempts Reloaded pero le damos la bienvenida a los adicionales.
Ayúdanos a llevar Limit Login Attempts Reloaded a incluso más culturas.
Traducciones: búlgaro, portugués brasileño, catalán, chino (tradicional), checo, neerlandés, finlandés, francés, alemán, húngaro, noruego, persa, rumano, ruso, español, sueco, turco
El plugin solo usa acciones y filtros estándar.
Reseñas
Colaboradores y desarrolladores
Este software es de código abierto. Las siguientes personas han contribuido a este plugin.
Colaboradores
"Limit Login Attempts Plus – WordPress Limit Login Attempts By Felix" ha sido traducido a 7 idiomas locales. Gracias a los traductores por sus contribuciones.
Traduce "Limit Login Attempts Plus – WordPress Limit Login Attempts By Felix" a tu idioma.
¿Interesado en el desarrollo?
Revisa el código, echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.
Registro de cambios
1.1.0
- Los ajustes se mudaron a una página separada.
- Corregido: Mensaje de error al acceder.
- Un problema de seguridad heredado de nuestro plugin original Limit Login Attempts ha sido arreglado.
1.0.9
- Se implementa la conformidad del RGPD.
- Fixed: ip_in_range() loop $ip overrides itself causing invalid results.
- Fixed: the plugin was locking out the same IP address multiple times, each with a different port.
1.0.8
- Added support of Sucuri Website Firewall.
1.0.7
- Fixed the issue with backslashes in usernames.
1.0.6
- Plugin returns the 403 Forbidden header after the limit of login attempts via XMLRPC is reached.
- Added support of IP ranges in white/black lists.
- Lockouts now can be released selectively.
- Fixed the issue with encoding of special symbols in email notifications.
1.0.5
- Added Multi-site Compatibility and additional MU settings.
1.0.4
- Los nombres de usuario y las direcciones IP pueden ser añadidas a listas blancas o negras.
- La bitácora de bloqueos ha sido invertida.
1.0.3
- IP addresses can be white-listed now.
- A “Gateway” column is added to the lockouts log. It shows what endpoint an attacker was blocked from.
- The “Undefined index: client_type” error is fixed.
1.0.2
1.0.1
- The site connection settings are now applied automatically and therefore have been removed from the admin interface.
- Now compatible with PHP 5.2 to support some older WP installations.
1.0.0
- Lanzamiento del plugin