Title: [Plugin: Login Security Solution] Feature request: Auto-block IP range
Last modified: August 20, 2016

---

# [Plugin: Login Security Solution] Feature request: Auto-block IP range

 *  Resolved [Marty](https://wordpress.org/support/users/bozzmedia/)
 * (@bozzmedia)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/)
 * Hi! Again thanks for the great plugin.
 * We’re finding we have to block IP ranges (via cpanel block IP range feature) 
   rather frequently. It would be amazing if IP blocking was incorporated into this
   plugin. Either automatically triggered after X number or at least managed in 
   the WP backend.
 * Thanks for the consideration!
 * [http://wordpress.org/extend/plugins/login-security-solution/](http://wordpress.org/extend/plugins/login-security-solution/)

Viewing 11 replies - 1 through 11 (of 11 total)

 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060151)
 * Hey Steve:
 * LSS already does automatic blocking for network IP addresses. What do you gain
   by blocking them via cPanel/firewall/etc? Can you please clarify what you’re 
   seeking?
 * Thanks,
 * –Dan
 *  Thread Starter [Marty](https://wordpress.org/support/users/bozzmedia/)
 * (@bozzmedia)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060155)
 * I didn’t realize this — is there a list of all blocked IPs somewhere? We’ve been
   receiving the SITE IS UNDER ATTACK emails and using the IP range to block the
   IPs via cpanel. I guess I don’t understand when and how LSS does the blocking
   or how to review which IPs are blocked. Thanks!
 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060160)
 * The data is stored in the `<prefix>login_security_solution_fail` table. The plugin
   doesn’t have a user interface to view it, but you can run your own queries if
   you’re curious.
 * As long as the “Breach Email Confirm” is set to a reasonable number, attackers
   are blocked from actually getting in. In the unlikely event they do get lucky,
   LSS will force them out and require the actual user to verify their identity 
   via the password reset process.
 * The plugin’s verbosity freaks people out. I’ve been scaling that back in recent
   releases. Right now emails are sent each time the attack count is a modulus of“
   Failure Notification” setting. Maybe I should just have one email go out when
   the threshold is reached and that’s it. What do you think?
 *  Thread Starter [Marty](https://wordpress.org/support/users/bozzmedia/)
 * (@bozzmedia)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060162)
 * Thanks for the thorough explanation. I would suggest adding to the email a notification
   that the IP range has been blocked permanently. I could understand from the email
   that the attempts were being delayed, it wasn’t clear that any IPs were actually
   blocked.
 * I personally find it interesting to learn whether an IP user tried 30 or 120 
   times (for instance)
 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060163)
 * For the record, it’s not a permanent ban. The length of time is determined by
   the “Match Time” setting.
 * For the email preferences, perhaps I’ll add an option for admins to choose if
   they want one notification or repeated notifications.
 *  Thread Starter [Marty](https://wordpress.org/support/users/bozzmedia/)
 * (@bozzmedia)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060178)
 * This is the part that could use some clarification:
 * > The Login Security Solution plugin (0.30.0) for WordPress is repelling the 
   > attack by making their login failures take a very long time.
 * Note it doesn’t say anything about blocked IP, length of block, etc. — just that
   the failures are taking a long time. More specifics here would be a welcome addition.
 * Again, thanks for the fantastic plugin!
 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060183)
 * The length of time is mentioned at the top of the email. If an attacker gets 
   in, a separate email is sent explaining that they were booted out and the password
   reset.
 * Are you suggesting the passage you quoted include some text saying something 
   like “Don’t worry, even if they do get in, they’ll be immediately ejected.”
 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060193)
 * >  For the email preferences, perhaps I’ll add an option for admins to choose
   > if they want one notification or repeated notifications.
 * This has been added in the new release, 0.32.0.
 * There’s also new text in the readme about how this plugin blocks attackers.
 * Bozz: I’m still curious what you think about enhancements needed, if any, to 
   the notification emails.
 *  Thread Starter [Marty](https://wordpress.org/support/users/bozzmedia/)
 * (@bozzmedia)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060194)
 * Hi Daniel–
 * Thanks for asking. I don’t see anywhere in here that says “this IP is now blocked”—
   only that the attempts are being delayed — here is the full email I receive below.
 * I’d be looking for something like “This IP is now blocked from logging in for
   xx (mins/days/weeks)”
 * >     ```
   >     Your website, WEBSITE, is undergoing a brute force attack.
   > 
   >     There have been at least 160 failed attempts to log in during the past 120 minutes that used one or more of the following components:
   > 
   >     Component                    Count     Value from Current Attempt
   >     ------------------------     -----     --------------------------------
   >     Network IP                     122     111.222.333
   >     Username                       160     xxxx
   >     Password MD5                     1     xxxx
   > 
   >     The Login Security Solution plugin for WordPress is repelling the attack by making their login failures take a very long time.
   >     ```
   > 
 * I really appreciate the continuous improvements, thanks Daniel!
 *  Thread Starter [Marty](https://wordpress.org/support/users/bozzmedia/)
 * (@bozzmedia)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060195)
 * Over time it would be great to see permanent IP bans, and some sort of interface
   to manage them, incorporated into the plugin.
 *  Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * (@convissor)
 * [13 years, 7 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060224)
 * Hi Steve:
 * Release 0.33.0 includes some new text in the login failure notifications saying
   that the attacker will be blocked and that the given email will be the last one
   for the current attack. Both are conditional, being added or not depending on
   the settings in use at the time.
 * I’d rather not complicate things with a permanent IP ban listing/UI. At least
   at this point.
 * Thanks again,
 * –Dan
 * PS: when you get a chance, please give 0.33.0 a “works” vote.

Viewing 11 replies - 1 through 11 (of 11 total)

The topic ‘[Plugin: Login Security Solution] Feature request: Auto-block IP range’
is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/login-security-solution.svg)
 * [Login Security Solution](https://wordpress.org/plugins/login-security-solution/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/login-security-solution/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/login-security-solution/)
 * [Active Topics](https://wordpress.org/support/plugin/login-security-solution/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/login-security-solution/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/login-security-solution/reviews/)

 * 11 replies
 * 2 participants
 * Last reply from: [Daniel Convissor](https://wordpress.org/support/users/convissor/)
 * Last activity: [13 years, 7 months ago](https://wordpress.org/support/topic/plugin-login-security-solution-feature-request-auto-block-ip-range/#post-3060224)
 * Status: resolved