[wp-hackers] Limit Login Attempts
Sam Hotchkiss
sam at hotchkissconsulting.net
Wed Apr 24 11:53:40 UTC 2013
On Monday, April 22, 2013 at 5:11 PM, Chris Williams wrote:
> If he's only logging failed login attempts, I would think a) it wouldn't
> harm you performing a valid login (since that wouldn't be logged), and b)
> a delay in response to a failed login would be a good thing... Slow those
> puppies down.
Correct, API calls are only made:
The first time a given IP attempts to access your login page (we check to see if it's a known attacker, if not, the IP gets whitelisted and not re-checked until they have a failed login)
When a failed login attempt is made
When you visit the plugin settings page (it re-verifies your API key)
--
Sam Hotchkiss :: Principal / Senior Web Developer
Hotchkiss Consulting Group
P: 207.200.4314 :: F: 207.209.1365
E-mail: sam at hotchkissconsulting.com (mailto:sam at hotchkissconsulting.com)
Google Talk: sam at hotchkissconsulting.com (mailto:sam at hotchkissconsulting.com)
Skype: hotchkiss.consulting
http://www.hotchkissconsulting.com/
More information about the wp-hackers
mailing list