Title: Missing core feature within your plugin, please add it, code attached Last modified: August 22, 2016 --- # Missing core feature within your plugin, please add it, code attached * Resolved [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 8 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/) * Hi, within your pulugin there is missing an action which is availalble in the main core. * See loginlockdown by the function ll_wp_authenticate_username_password, please add there the do_action as below: * > function ll_wp_authenticate_username_password($user, $username, $password){ > > if ( is_a($user, ‘WP_User’) ) { return $user; } > do_action( ‘wp_login_failed’, $username ); > if ( empty($username) || empty($password) ) { * This is needed to do “own” stuff, like write all failed logins to an logfile, to block users serverwide over multiple pages as example. * Thanks Stefan * [https://wordpress.org/plugins/login-lockdown/](https://wordpress.org/plugins/login-lockdown/) Viewing 9 replies - 1 through 9 (of 9 total) * [mvandemar](https://wordpress.org/support/users/mvandemar/) * (@mvandemar) * [11 years, 8 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5336918) * I will look into the code to see what has changed in the core function, and what the effect will be to add that in. * -Michael * Thread Starter [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 8 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337033) * Hi Michael * Thats easy to say. Nothing else as an hook for additioal things to do, when a login fails. Core has added that, that other plugins can log “failed auth”. Your function doesn’t have it. * Nothing change at all at YOUR functionality. But I can add for example an new hook: `add_action('wp_login_failed', 'mystuff');` This is working in the CORE function, but not in yours. * I need that hook, to ban people across the complete server, once they tried multiple sites in the network without luck. * Hope I get the update soon, that my plugin is running fine afterwards with your code. * Thanks for feedback Regards Stefan * Thread Starter [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337074) * I get bruteforced since weeks and waiting on the serverwide protection to implement. * Otherwise I will forge your plugin with that small code added. * Cant wait any longer. Please send me an update if you will add it and around when the next release is planned if yes. * Regards * [mvandemar](https://wordpress.org/support/users/mvandemar/) * (@mvandemar) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337075) * Stefan, are you referring to a Multisite installation when you say “across a network”? * -Michael * Thread Starter [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337076) * No. This action can be used by other plugins to “do” stuff when a login failed, like protocoll it to a blacklist (what I’m inteneded to do) and works without your plugin, as the action is present in the official wp_login from wordpress. But as your plugin is modifing it… as already said… * I want to add there the hook to protocoll it to global blacklist. The blacklist can then be checked by other WP installations across the server or multiple servers and ban brutforces across multiple single or mu installations, across servers. * Thread Starter [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337077) * read here: [https://wordpress.org/support/topic/hook-for-fail-and-successful-login-actions?replies=2](https://wordpress.org/support/topic/hook-for-fail-and-successful-login-actions?replies=2) Go into wp-includes/pluggable.php * check wp_authenticate() function. And see, Its there. * As your plugin replaces this pluggable function and your plugin is missing that, its not working. * I will really in some days add an automatism where your updates automatically adds this line of code and publish to wp.org as enhancement to your plugin. * Thread Starter [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337078) * AARGGGG found your mistake… * ``` if ( 'yes' == $loginlockdownOptions['mask_login_errors'] ) { return new WP_Error('authentication_failed', sprintf(__('ERROR: Invalid username or incorrect password. Lost your password?'), site_url('wp-login.php?action=lostpassword', 'login'))); } else { do_action('wp_login_failed', $username); } ``` * If I enable mask login errors, the code will not been used within your plugin, when I disable the login errors, the code is triggered. The code need to be triggered in any case, as it is an error by the login… * Perhaps you can fix this.. * ``` do_action('wp_login_failed', $username); if ( 'yes' == $loginlockdownOptions['mask_login_errors'] ) { return new WP_Error('authentication_failed', sprintf(__('ERROR: Invalid username or incorrect password. Lost your password?'), site_url('wp-login.php?action=lostpassword', 'login'))); } ``` * Thread Starter [Stefan M.](https://wordpress.org/support/users/stefan-m-1/) * (@stefan-m-1) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337081) * forge is made to solve the issue. not published yet, will follow. * I did close the request. * [mvandemar](https://wordpress.org/support/users/mvandemar/) * (@mvandemar) * [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337082) * Stefan, I see it now. I need to rewrite sections of the plugin anyway, I will incorporate the change in the next version. * -Michael Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘Missing core feature within your plugin, please add it, code attached’ is closed to new replies. * ![](https://ps.w.org/login-lockdown/assets/icon-256x256.png?rev=2901919) * [Login Lockdown & Protection](https://wordpress.org/plugins/login-lockdown/) * [Frequently Asked Questions](https://wordpress.org/plugins/login-lockdown/#faq) * [Support Threads](https://wordpress.org/support/plugin/login-lockdown/) * [Active Topics](https://wordpress.org/support/plugin/login-lockdown/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/login-lockdown/unresolved/) * [Reviews](https://wordpress.org/support/plugin/login-lockdown/reviews/) * 9 replies * 2 participants * Last reply from: [mvandemar](https://wordpress.org/support/users/mvandemar/) * Last activity: [11 years, 7 months ago](https://wordpress.org/support/topic/missing-core-feature-within-your-plugin-please-add-it-code-attached/#post-5337082) * Status: resolved