Home › Forums › BulletProof Security Pro › Block IP if username attacked
- This topic has 5 replies, 2 voices, and was last updated 10 years, 4 months ago by Krzysztof.
-
AuthorPosts
-
KrzysztofParticipant
Wordfence in its beta version has added a feature like this:
Feature: Immediately block IP if hacker tries any of the following usernames. (Comma separated list that you can specify on the Wordfence options page)
Maybe something similar could be added to BPS Pro?
KrzysztofParticipantAnd this looks nice too 😉
Prevent discovery of usernames through ‘?/author=N’ scans. New option under login security which you can enable.
I’m afraid that due to different protection methods implementing those two could be hard. Am I right?
AITpro AdminKeymasterWe have looked at and are still looking at auto-banning IP addresses and so far have not found a way to do this that does not seriously hurt / negatively impact website performance, but if we can figure out a way to do this without serious negative impact to website performance then we will add something like that.
Currently BPS Pro Login Security is performance optimized by not processing things that do not need to be processed and only processing things that do need to be processed. Â Processing things that are not important at the cost of website performance is not a smart thing to do. Â If something is a nuisance and not a threat then treat it as a nuisance and not a threat. Â Or in other words, do not treat nuisances as a threat at the cost of website performance.
This BPS Bonus Custom Code: Â Author Enumeration Bot Probe Protection already does the author id enumeration protection.
AITpro AdminKeymasterAlso we spent months trying out different forms of IP blocking and the result of months of research was JTC Anti-Spam / Anti-Hacker as it is very effective and performance optimized vs IP blocking which is very ineffective, time consuming and a website performance killer.
AITpro AdminKeymasterI stand corrected. Â A new auto-ban feature using a new concept that has been proven not to negatively impact website performance is scheduled to start development in BPS Pro 9.1. Â BPS Pro 9.0 is the next version release of BPS Pro and 9.0 contains many new major security features and one that is a new concept that has never been done or created before. Â BPS Pro 9.0 is in DEVLOCK, which means no more new features can be scheduled for inclusion in BPS Pro 9.0.
KrzysztofParticipantThank you for explaining the situation. I’m waiting eagerly for the new features in BPS PRO 😉
-
AuthorPosts
- You must be logged in to reply to this topic.