Login protection doesn’t work as expected

  • Resolved fariazz

    (@fariazz)


    7 years, 3 months ago

    If you disable login protection, the plugin will still block an IP after “x” amount of failed login attempts.

    This is not how it should work. If one has the login module disabled, Shield shouldn’t interfere with failed login attempts.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author One Dollar Plugin

    (@onedollarplugin)

    7 years, 3 months ago

    The login protection is focused primarily on detecting failed bot logins. With legitimate failed (username+password) login attempts, these are recorded separately in the plugin.

    We’ll be moving this out of where it is currently and providing an option for it. So it’s just not currently clear where it’s operating from.

    Thanks for pointing this out and highlighting the inconsistency there. We’ll hopefully have this fixed for the next major release, if not the one thereafter.

    Thread Starter fariazz

    (@fariazz)

    7 years, 3 months ago

    Thanks for the quick reply! That’s great to hear this will be made into a setting.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Login protection doesn’t work as expected’ is closed to new replies.