Home › Forums › BulletProof Security Pro › Block IP if username attacked
- This topic has 5 replies, 2 voices, and was last updated 9 years, 4 months ago by
Krzysztof.
-
AuthorPosts
-
Krzysztof
ParticipantWordfence in its beta version has added a feature like this:
Feature: Immediately block IP if hacker tries any of the following usernames. (Comma separated list that you can specify on the Wordfence options page)
Maybe something similar could be added to BPS Pro?
Krzysztof
ParticipantAnd this looks nice too 😉
Prevent discovery of usernames through ‘?/author=N’ scans. New option under login security which you can enable.
I’m afraid that due to different protection methods implementing those two could be hard. Am I right?
AITpro Admin
KeymasterWe have looked at and are still looking at auto-banning IP addresses and so far have not found a way to do this that does not seriously hurt / negatively impact website performance, but if we can figure out a way to do this without serious negative impact to website performance then we will add something like that.
Currently BPS Pro Login Security is performance optimized by not processing things that do not need to be processed and only processing things that do need to be processed. Â Processing things that are not important at the cost of website performance is not a smart thing to do. Â If something is a nuisance and not a threat then treat it as a nuisance and not a threat. Â Or in other words, do not treat nuisances as a threat at the cost of website performance.
This BPS Bonus Custom Code: Â Author Enumeration Bot Probe Protection already does the author id enumeration protection.
AITpro Admin
KeymasterAlso we spent months trying out different forms of IP blocking and the result of months of research was JTC Anti-Spam / Anti-Hacker as it is very effective and performance optimized vs IP blocking which is very ineffective, time consuming and a website performance killer.
AITpro Admin
KeymasterI stand corrected. Â A new auto-ban feature using a new concept that has been proven not to negatively impact website performance is scheduled to start development in BPS Pro 9.1. Â BPS Pro 9.0 is the next version release of BPS Pro and 9.0 contains many new major security features and one that is a new concept that has never been done or created before. Â BPS Pro 9.0 is in DEVLOCK, which means no more new features can be scheduled for inclusion in BPS Pro 9.0.
Krzysztof
ParticipantThank you for explaining the situation. I’m waiting eagerly for the new features in BPS PRO 😉
-
AuthorPosts
- You must be logged in to reply to this topic.