[wp-forums] Update 9/28

Matt Mullenweg m at mullenweg.com
Mon Oct 2 03:53:48 GMT 2006


Podz wrote:
> Excellent - I just found and blocked the ***** who kept spamming the
> plugin trac for months. But... if we block users like that we are only
> blocking them from that corner of the empire?

Michael, as long as someone has valid user/pass in the DB they can still 
login to our externally authenticated HTTP resources, like the various 
Tracs.

The best solution is to break either their username or password in some 
way that is reversable but prevents them from logging in, like adding 
-BLOCKED to the end of their password hash and/or email address.

-- 
Matt Mullenweg
  http://photomatt.net | http://wordpress.org
http://automattic.com | http://akismet.com


More information about the wp-forums mailing list