Blocks IPs after authentication | ww.wp.xz.cn

lgretton
(@lgretton)

6 years, 6 months ago
It looks like WP always authenticates users before loginizer has applied the IP rules. I use the AuthLDAP plugin to hand off auth to an LDAP directory, and I can see this is still getting queried even for logins from blacklisted IPs.

For me that’s a big problem as the LDAP backend disables has its own account locking mechanism, so brute force attempts causing lockouts are still possible even with loginizer in the way.

Is there a way for loginizer to only pass through to the auth layer if the IP is not blacklisted?
- This topic was modified 6 years, 6 months ago by lgretton.

The topic ‘Blocks IPs after authentication’ is closed to new replies.

0 replies
1 participant
Last reply from: lgretton
Last activity: 6 years, 6 months ago
Status: not resolved