I did some tests and saw the call afterwards. I did the following tests that returned the code 200 and not an error of the family 400: 1) I left all fields blank and typed enter 2) put the user name and type enter 3) put username and password, typed enter after that I went to the log and examined q for these transactions the plugin returned cod 200 after the wrong attempts. I hope I helped improve your plugin. I liked it a lot because it is a “lightweight” plugin.
Error 403 for each access without information (blank) or with wrong data. So the firewalls are also able to count by error codes and block the ip.
Thanks
Suggestion: The Plugin should return the error code when trying to enter the site. He does not return. It appears in the Log (cod. 200) for each attempt.
