st01en
Forum Replies Created
-
Still busted, looks like this is the offending bit of code (in classes/wp-security-utility-ip-address.php )
/*
* Returns the first three octets of a sanitized IP address so it can used as an IP address range
*/
static function get_sanitized_ip_range($ip)
{
global $aio_wp_security;
//$ip = AIOWPSecurity_Utility_IP::get_user_ip_address(); //Get the IP address of user
$ip_range = ”;
$valid_ip = filter_var($ip, FILTER_VALIDATE_IP); //Sanitize the IP address
if ($valid_ip)
{
$ip_range = substr($valid_ip, 0 , strrpos ($valid_ip, “.”)); //strip last portion of address to leave an IP range
}
else
{
//Write log if the ‘REMOTE_ADDR’ contains something which is not an IP
$aio_wp_security->debug_logger->log_debug(“AIOWPSecurity_Utility_IP – Invalid IP received “.$ip,4);
}
return $ip_range;
}This will not handle IPv6 addresses correctly.
Just updated to 4.0.4 and retested, same issue.
Let me know if you need more info.Some more testing shows that it only breaks there are ip addresses in the block list.
Also, (and I should have mentioned this) it appears that this only broke with the 4.0.2 update. When I first installed it, I was able to log in with IPv6.
I only installed it 1 week ago, and it updated 3 days or so ago.
The system info tab gives me this for the AIOWPS plugin:All In One WP Security 4.0.2 http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-pluginI’m not able to add an IPv6 address to the whitelist, I get this error:
2001:470:81e5::1 is not a valid ip address format.No, there are no IPs (v4 or v6) there, and that feature is not turned on.
Will try it out and see what happens.