Comments on: Limit Login Attempts

By: Erik

Erik — Sun, 28 Feb 2010 02:04:59 +0000

Hey,
I use wordpress mu(2.9.1.1) and I just spent some time reworking the plugin(1.4.1) to be more MU friendly. I will mention that this plugin works FANTASTICLY with wordpress mu 2.9.1.1.... Other Mu users may find this usefull... A couple things...

first, I set the variables at the top of the plugins .php file i wanted to be global. The file is very well noted by the author, OMG thank you! Very easy to control what variables the plugin activates with thanks to great coding and thoughtful notation.

Then I changed the function that mails lockout notification to the administrator, so that it will email the super site admin(me) rather than that particular sub blogs admin.. what i did was modify the get_option in line394 to say:
@wp_mail(get_site_option('admin_email'), $subject, $message);

Then, i changed the code where it constructs the plugins dashboard submenu. I changed it so that it would show under the site admin menu instead of settings. that way only the super site admin can see it and not the sub blog administrators. I changed Line 607 to:
add_submenu_page('wpmu-admin.php', 'Limit Login Attempts', 'Limit Login Attempts', 10, 'limit-login-attempts', 'limit_login_option_page');

Then I used the plugin manager to auto-activate the plugin for all users sitewide.. that way any newly generated blogs will automatically activate the plugin with the settings I want, and having moved the menu, users cant modify them.

It is important to note, that if the plugins menu is accessable to your users, they can deactivate the plugin. Rather than attempt to solve this, i will just hope that my users are not that stupid.

hope this helps...

oh, the settings I changed to my likeing were;
login attempts moved to 5,
lockout time decreased to 15 min.
lockout log settings changed to 'log, email'
and notify email after 1 lockout

By: Alla Taomoto

Alla Taomoto — Mon, 22 Feb 2010 13:16:09 +0000

Though I would've loved it much more if you added a relevant video or at least pictures to back up the explanation, I still thought that your write-up quite helpful. It's usually hard to make a complicated matter seem very easy. I enjoy your weblog and will sign up to your feed so I will not miss anything. Fantastic content

By: realesegame

realesegame — Fri, 12 Feb 2010 21:49:54 +0000

How in work rhis plugin in wordpress 2.9.1?

By: Daniel Kamp

Daniel Kamp — Wed, 20 Jan 2010 09:40:30 +0000

Very cool Plugin ! Thanks!

By: ds281

ds281 — Wed, 13 Jan 2010 20:04:11 +0000

Would love better support for MU if possible! Loving what this plugin provides so far on the main blog! Thanks for your work.

By: Particularlywarn

Particularlywarn — Thu, 07 Jan 2010 07:33:15 +0000

Importance Lose,essential difficulty nod i play visit elsewhere person human onto front second leader youth local well part me hit loss yourself team your module occasion outside prime variety gold measure desk society reader around enough commitment afternoon necessary mother industrial draw bed index aware whilst radio blow association studio truth put immediate care responsibility benefit sorry demand end very lawyer who by protect thin express priority today relevant ball recommend perform middle instance maybe consist exactly confirm die owner hence variety version commitment teacher capital indeed bridge party significance

By: Jason Wong

Jason Wong — Wed, 06 Jan 2010 08:31:48 +0000

Amazing plugin.

However, I wish that it can work well with Login with Ajax plugin/widget, as I noticed that the error message produced by the Limit Login Attempts plugin isn't immediately displayed on the Login with Ajax widget. It appears that's a loop delay ... Strange??

Please keep me posted if there's a possible solution to this 'hiccup' ...

Cheers ... Jason

By: Johan Eenfeldt

Johan Eenfeldt — Sat, 14 Nov 2009 09:54:15 +0000

Thanks for the feedback.

I've been looking at MU recently and hope to add real support for it once I get 2.0 out the doors.

By: jim

jim — Thu, 12 Nov 2009 00:29:41 +0000

Please report any success or failure!

Just thought I'd provide some MU / Simple:Press feedback... using our dev. environment, v2.0b3 seemed to work perfectly on our main blog running WPMU 2.8.5.2. It also seems to play nice with Simple:Press since any login errors are shown on the WP login screen, not inline on the Forums page.

I may or may not install this on our production site quite yet though, for the following reason. Limit-Login must be placed in the Plugins folder to work, and then it only works for the blog on which it is activated. We do not want to give all users this level of control. Using WMPU Plugin Manager, I limited activation to the main blog only, and this solves half the problem – sub blogs no longer have access to the plugin, but then it no longer limits/logs login attempts on those blogs either.

Since our primary concern is users locking themselves out after 5 failed logins (via our firewall settings) when signing in on the Forums page, this plugin may very well meet our needs, since only a few users may be logging in directly via their own blog.

I like the ample warning it provides, and how it logs IP addresses. A nice feature would be the ability to remove ban from specific IPs, instead of all at once.

Thanks again, kep up the good work!

By: Keith Davis

Keith Davis — Tue, 10 Nov 2009 17:40:46 +0000

@Johan

Sent details of your plugin to Shinephp and the guy over there did a review... see link below:
http://www.shinephp.com/limit-login-attempts-1-4-1-wordpress-plugin-r...

He recommended your plugin over Login lockdown

I will install on my live site.