Hi, thanks for the suggestion. Checking hostnames would add a significant overhead to the script. At the moment the idea is to use as few resources as possible so that if it’s being hammered multiple times per second it still doesn’t put a strain on the server being attacked. Users have reported enormous cpu spikes being nullified by installing this plugin. Adding a DNS lookup for every request would change that.
Are the IPs you’re allocated not on the same subnet? You could use partial matching and input 192.168 in the whitelist for example to match any IPs starting with those triplets – or any partial IP address.
Thanks.
Thread Starter
ghuth
(@ghuth)
I’m using a personal account with a pretty large ISPs, so I suspect whitelisting the subnet may well mean that I whitelist some infected machines.
It’s still a good option for me to fall back on though…
What were your thoughts re
some other simple way to allow us to bypass the blocker… perhaps a whitelist text file in the plugin directory
Other options could be checking for a unique code in the request url… I don’t know… just SOMETHING to allow me in if the block starts and my IP has changed from what is in my whitelist.
I’ve been toying with the idea of something like that, maybe a link to a login with a CAPTCHA field, I’m just concerned about increasing the overheads on the script. I’ll have a think about the best way to implement this.
