Linux 软件免费装

在这里免费安装WordPress以及其他软件

Password Protection

开发者 c3mdigital
更新时间 2013年4月16日 19:14
捐献地址: 去捐款
PHP版本: 3.5.1 及以上
WordPress版本: 3.6 beta
版权: GPLv2 or later
版权网址: 版权信息

标签

security password protection brute force blocking

下载

详情介绍:

This plugin helps prevent annoyance from multiple brute force login attempts to your site. It does this by adding an additional authentication method. Once you enable the plugin and enter a username and password ( please use a different username and password than your WordPress admin account ). Any user or bot that attempts to access wp-admin or your login page will be required to successfully enter the additional authorization details before allowed access to the WordPress login page. You can also set your login page to not allow direct access without a valid referrer header from your site. Please Note: No security plugin will provide 100% protection from hackers. This plugin simply makes it harder for them to gain access using automated techniques. Please remember to ALWAYS KEEP UP TO DATE BACKUPS and use STRONG PASSWORDS!! PLEASE NOTE: Very Limited support will be offered for this plugin but it will be kept up to date and any bugs can be reported on the github page at https://github.com/c3mdigital/password-protection.

安装:

  1. Upload the password-protection folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the 'Plugins' menu in WordPress
  3. Visit the settings page and enter a username and password to be used as the secondary authorization

屏幕截图:

  • HTTP Authentication on Chrome, your browser my not look the same but it should be similar.
  • The admin interface.

升级注意事项:

1.0.2
  • All users should update to this version to prevent bypassing of authentication
  • Again you will be required to reset your password after updating
1.0.1
  • This update strengthens the password hashing to use the built WordPress password hashing and checking. It also fixes bugs that allowed bypassing auth checks when WordPress installed in subdirectory.
  • This update will clear your current password to prevent getting locked out due to new password hashing used. Please update your password after updating.
1.0
  • You just installed it and don't need to upgrade

常见问题:

Will this plugin keep my site from being hacked?

NO! No plugin can keep your site from being hacked but this plugin will stop annoying brute force attempts to your login page.

What is a No-Referrer Request?

A No-Referrer Request is a direct request made to your wp-login.php file. Normally when you go to wp-admin and you are not logged in WordPress will redirect you to wp-login.php. When this happens the referrer is from your same domain. Bots and automated scripts normally make direct post requests to wp-login.php without a referrer. This plugin can block all requests without a referrer or requests from a referrer that is not from your domain.

What if I forget my Password?

If you forget your password there is no way to recover it because it is stored as an encrypted hash. If you forget your password you will have to disable the plugin by changing the name of the password-protection using FTP. Once disabled and you log in you can then re activate the plugin and enter a new password on the settings page.

更新日志:

1.0.2 1.0.1 1.0