[wp-hackers] Counting failed logins
ringmaster at midnightcircus.com
Mon Dec 5 15:25:39 GMT 2005
> I'm making an assumption that in order to get access to a blog it has to
> be through wp-login.php and not some passing of a string, but is there a
> way for failed logins to be counted ?
> I can run tools like wwhack against my login page all day and I will get
> no warning that someone is trying to get access. Can this be set to a
> certain number and then something happens - at the very least the blog
> owner getting an email or two ?
I have written an unreleased plugin for this. I was planning on adding
a few other security devices before I put it out there. I was talking
to Skippy about adding some Impostercide features, and was thinking
about incorporating some checks of the user table to watch for
unauthorized capabilities promotion, among other things.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2416 bytes
Desc: not available
Url : http://comox.textdrive.com/pipermail/wp-hackers/attachments/20051205/f0702faa/armor.bin
More information about the wp-hackers