[Plugin: WP-Sentinel] Getting false positives from my editors

Hello

getting false WARNING all the time after update. login as Editor

Attack details follow :

– Variable content of the POST method triggered the filter ‘html breaking injections including whitespace attacks’ …

– Variable content of the POST method triggered the filter ‘basic directory traversal’ …

– Variable content of the POST method triggered the filter ‘common comment types’ …

– Variable content of the POST method triggered the filter ‘basic SQL authentication bypass attempts 2/3’ …

I use firefox (as always) btw. I have deactivate the plugin for now. I really like the plugin. What I missing?

This excellent plugin has really saved my site from countless attacks (average 2300 attacks per day).

But I am having the same problem: my editors are getting locked out after the second intent to post an entry.

And there are no means to whitelist an ip address. That is what I think is missing.

Other than that, this plugin has been a lifesaver for us.

Like rwilki, i am getting false positives with my editors.

We run a techie blog, and any time we try and put any kind of code snippet it blocks the poster – despite them being logged in as an editor or similar user.
Whilst the readme says “WP-Sentinel will NOT check requests from the user logged in as administrator” it will check the guys who are still posting blog posts, and no i have no plans to make them an administrator just to get the plugin going ??

Agreed – there are way too many false positives with this plugin. It would be better if we could edit the list of banned character combinations (e.g. — is a common one).

like BerettaNZs thoughts OR if there was a way to whitelist IPs somehow…