[wp-hackers] Limit Login Attempts

Sam Hotchkiss sam at hotchkissconsulting.net
Wed Apr 24 11:53:40 UTC 2013


On Monday, April 22, 2013 at 5:11 PM, Chris Williams wrote:

> If he's only logging failed login attempts, I would think a) it wouldn't
> harm you performing a valid login (since that wouldn't be logged), and b)
> a delay in response to a failed login would be a good thing... Slow those
> puppies down.


Correct, API calls are only made:
The first time a given IP attempts to access your login page (we check to see if it's a known attacker, if not, the IP gets whitelisted and not re-checked until they have a failed login)
When a failed login attempt is made
When you visit the plugin settings page (it re-verifies your API key)




-- 
Sam Hotchkiss :: Principal / Senior Web Developer
Hotchkiss Consulting Group
P: 207.200.4314 :: F: 207.209.1365
E-mail: sam at hotchkissconsulting.com (mailto:sam at hotchkissconsulting.com)
Google Talk: sam at hotchkissconsulting.com (mailto:sam at hotchkissconsulting.com)
Skype: hotchkiss.consulting
http://www.hotchkissconsulting.com/







More information about the wp-hackers mailing list