After the recent global distributed botnet attack on WordPress installations that took down servers and broke into admin accounts, I thought I’d write a plugin to prevent it happening again.
在最近针对WordPress安装的全球分布式僵尸网络攻击导致服务器关闭并闯入管理员帐户后,我想我应该写一个插件来防止再次发生。
Distributed botnet attacks can come from multiple IP addresses and locations at the same time, so conventional IP-based lockouts are not effective (e.g. those found in Wordfence and other WordPress security plugins).
分布式僵尸网络攻击可能同时来自多个IP地址和位置,因此常规的基于IP的锁定是无效的(例如,在Wordfence和其他WordPress安全插件中发现的锁定)。
For example, if 1,000 different computers (with unique IP addresses) are trying to brute-force your admin password and you lock out each IP address after 5 incorrect attempts then you have still allowed 5,000 attempts.
例如,如果1,000台不同的计算机(具有唯一的IP地址)试图强行使用您的管理员密码,并且您在5次错误尝试后锁定了每个IP地址,那么您仍然允许5,000次尝试。
My plugin essentially ignores the different IP addresses and locks out all admin login attempts in a configurable way – so if you have it set to 5 failed attempts (default) then those 1,000 different computers will only have a total between them of 5 attempts.<
我的插件实际上忽略了不同的IP地址,并以可配置的方式锁定了所有管理员登录尝试–因此,如果将其设置为5次失败尝试(默认),则这1000台不同的计算机之间总共只有5次尝试。
/p>
/ p>
You can select how many login failures causes the lockout, how much time to allow between failures, how long to block logins for and also you can input a whitelisted IP address (or multiple addresses separated with commas or spaces) which can bypass
您可以选择导致锁定的登录失败次数,两次失败之间允许的时间,阻止登录的时间,还可以输入白名单的IP地址(或多个用逗号或空格分隔的地址),这些地址可以绕过
the lockdown and always log in – so you can still always get into your site even in the middle of an attack.
锁定并始终登录–因此,即使在攻击过程中,您仍然可以始终进入您的站点。
There is also support for partial IP address matching for those with dynamic IP addresses.
对于具有动态IP地址的用户,还支持部分IP地址匹配。
You can also define a secret key to bypass the lock.
您还可以定义一个秘密密钥来绕过锁定。
- Any failed login is counted regardless of username or IP address (unless whitelisted)
- 无论用户名或IP地址如何(无论是否列入白名单),都会记录任何失败的登录
- Once locked down, nobody can log in except from whitelisted IP addresses or using the secret key
- 一旦锁定,除了从白名单中的IP地址或使用密钥之外,其他任何人都无法登录
- You can specify the number of login failures that triggers a lockdown
- 您可以指定触发锁定的登录失败次数
- You can specify the time between failed attempts that should be counted
- 您可以指定两次失败尝试之间的时间
- You can specify how long the lockdown should last
- 您可以指定锁定应持续多长时间
- You can add a secret key that bypasses the lockdown
- 您可以添加绕过锁定的秘密密钥
- You can customise the lockout message
- 您可以自定义锁定消息
- You can add whitelisted IP addresses that bypass the lockdown
- 您可以添加列入白名单的IP地址,以绕过锁定
- Partial IP address matching for dynamically-allocated IP addresses
- 部分IP地址匹配以动态分配IP地址
- Multisite compatible
- 兼容多站点
- Available in English, French, German, Italian and Russian
- 提供英语,法语,德语,意大利语和俄语
