Bugs Report BulletProof Plugin – QA2

Home Forums BulletProof Security Free Bugs Report BulletProof Plugin – QA2

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • December 28, 2017 at 6:55 pm #35183
    Nam
    Participant

    Hi Team,

    First I want to say special thanks for your support about previous bugs that I’ve reported

    (https://forum.ait-pro.com/forums/forum/bulletproof-security-free/)

    But during I’m using the plugin (with the latest version is 2.8), I saw something error when login to my account is locked by the first time and everything is good and then the second login again after this account was locked, the number of remaining is displayed not like my expected before.

    For example:

    First time: My account is locked after trying login too many failed and locked out for 5 minutes.

    Second time: After 5 minutes, my account is unlocked and I’ve login again but for the first time the number remaining is -1, -2, -3, -4….. and always increase after although it should be the number that I’ve set in administrator function.

    Please help me to solve this issue. Many thanks again and I’ll be happy waiting for your support.

    December 31, 2017 at 5:01 pm #35186
    AITpro Admin
    Keymaster

    Ok we will test this and see what is going on.

    January 13, 2018 at 12:44 pm #35244
    AITpro Admin
    Keymaster

    This issue has been fixed in BPS 2.9 and BPS Pro 13.4.1.  There is an additional existing issue that is acceptable:  If someone has the Max Login Attempts option setting set to 5 login attempts then on first login attempts the Attempts Remaining option setting will display:  4, 3, 2, 1, 0.  After the lockout time expires and the user attempts to login again the Attempts Remaining option setting will display: 5, 4, 3, 2, 1, 0.  The user will get an additional login attempt.  This is necessary since the checking conditions are below.  Using >= is not an option with the existing BPS Login Security code since it would negate the user account lock when max logins is reached.

    Note: It would be possible to create separate primary conditional code for: failed_logins == $BPSoptions['bps_max_logins'] and $failed_logins > $BPSoptions['bps_max_logins'], but that would require significant additional coding work for something that is a very minor issue.

    if ( $failed_logins == $BPSoptions['bps_max_logins'] ) { $status = 'Locked'; }
    and
    if ( $failed_logins > $BPSoptions['bps_max_logins'] ) { $status = 'Not Locked'; }

    February 16, 2018 at 2:27 am #35365
    jameshouston135
    Participant

    this is a very nice info thanks for sharing ….i think you guys have a very good technical expertise.

    March 29, 2018 at 9:02 pm #35546
    chuoiit30
    Participant

    [Spam post deleted due to being unrelated to website security, WordPress, BPS or BPS Pro]

    April 25, 2018 at 11:48 pm #35704
    chuoiit30
    Participant

    [Spam post deleted due to being unrelated to website security, WordPress, BPS or BPS Pro]

    June 18, 2018 at 9:40 pm #35919
    chua benh cham
    Participant

    [Spam post deleted due to being unrelated to website security, WordPress, BPS or BPS Pro]

  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.