[wp-trac] [WordPress Trac] #25446: Return HTTP status code 401 upon failed login
WordPress Trac
noreply at wordpress.org
Wed Jul 9 09:26:52 UTC 2014
#25446: Return HTTP status code 401 upon failed login
-------------------------+------------------------------
Reporter: raoulbhatia | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.6
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-------------------------+------------------------------
Comment (by RavanH):
Replying to [comment:10 s19n]:
> +1 for this feature, or anything else could be used to build a (much
needed) security filter in front of WordPress.
Much needed indeed. Install a plugin like Limit Login Attempts and turn on
e-mail notification on lockouts... It's amazing how many (automated)
brute-force attacks are hitting even the smallest of blog sites on a daily
basis! I think in this day and age, and as widely used as WordPress is,
any security measure -- like limiting login attempts, two-factor
authentification or a logical login scenario where a server-side solution
like a fail2ban filter can depend on --should be built-in.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/25446#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list