I appreciate the value of your plugin but find it difficult to extract each IP address that I need to place into a plugin that will block that respective IP address.
If you could place each offending IP address in the subject line of the email then one could sort by subject and easily identify any the most frequent IP addresses that are attacking the website
It may help me because i add a .htaccess file to retrict only on my ip but i still receive alerts (that are right)
Thanks a lot.
S.
Greetings,
I am sure your already lined up with suggestions from the ground to your neck, and I am glad you accept suggestions. In phpbb as a security measure, which I like, a user can have it set up in their user panel that when they immediately log-in an email is sent to them with date and time of their log-in with the ip address. This was and still is a great mod for phpbb. I use a plugin as well called wp-united and this is how I noticed the lack of this security feature and 0 plugins that offer it which once again is a security feature for not only us as admin’s but also for the user themselves.
It almost sounds like it could be something that your mod could handle and would fit the bill still in your plug-ins theme as security. Allowing the registered user to partake in their own security of their information as well. The Phpbb Mod is called Alert for Login and I only offer it to show a bit more of what I am talking about.
Hope you may take interest in what I at least find valuable in phpbb and the lack of here in wordpress.
Joseph
]]>Having just updated it was strange to see messages coming from ‘ticktockcomputing’. Made me think we have been hacked ??
I modified this in the code fine, but it might be nice to have a config option for this.
Nice plugin, and thankyou!
]]>After update Emails are coming from “[email protected]” they used to come from my own Email address.
How can I change this back ?
Thanks.
]]>By default, wordpress uses UTF-8 encoding. This is what I had originally set htmlentities to in the plug-in, but some people have experienced issues with the latest version, possibly due to a conflict in their own wordpress’s settings under /wp-admin/options-reading.php or maybe even a versioning issue in parsing the PHP itself, depending on your version of PHP. I think its more a wordpress encoding issue, vs PHP itself.
However, I have changed the code in my plugin to use quotes around the “UTF-8” encodings, so hopefully this fixes the issue. My site worked both ways, with and without the quotes around it, so I was not able to reproduce the errors others were having.
If you run into this issue, and it prevents you from logging into your site, please delete the plugin folder. This will disable it and allow you to login. Then, reinstall the latest plug-in, log out, and then try logging in again. At that point you should be ok. If the problem persists, please let me know. I’m curious to know what your settings tell you under /wp-admin/options-reading.php as well, if its set to UTF-8, or some other encoding, and if it now works with the latest patch, or if it is still broken after the new version.
Thank you for your help and patience. I hope this no longer poses an issue for people with alternate encodings set for their WordPress based sites.
]]>After the latest update, i get a Warning when i try to log on administration:
Warning: htmlspecialchars(): charset `-8′ not supported, assuming utf-8 in /../wp-content/plugins/wp-login-alerts/login-alerts.php on line 19
THanks to give a solution.. fast please !!
S.
The new version is throwing PHP warnings
charset0′ not supported, assuming iso-8859-1`
on occurrences of
| ENT_HTML401,UTF-8
I believe the UTF-8 needs to be in quotes:
| ENT_HTML401,"UTF-8"
Making that edit eliminated the warnings.
Possibly unique to my system for some reason, but thought to share it here in the event it is useful.
]]>So I looked at the code and made some changes that I’d like to confirm do not introduce any nasties:
I added at line 20:
$thissite = $_SERVER['HTTP_HOST'];
I changed the Subject code at line 40:
$subject = "Login Event: ".htmlentities($thissite)."";
I changed the message code on line 41:
$message = " WordPress Login Attempt".htmlentities($who)."\r\n On ".htmlentities($thissite).…
These changes produce an email of the form
Subject: Login Event: www.remarpro.com
WordPress Login Attempt By SomeUserName
On www.remarpro.com
=== All else remains the same.
Any problems with or objections to these edits?
]]>This is a useful tool for many WP admins.
A trivial request: I wonder if you would consider changing the subject line to something more informative, specifically what site. So instead of
“Someone has tried logging into wordpress. Review the info.”
perhaps something like:
“Login Event: [site_url]”
Right now the “tried” msg is the same if a user does just try or if they actually do log in so an “event” is a better description.
Anyway, thanks for the plugin. I’ll let it play for a few weeks and if anything pops I’ll pass it along.
]]>