• Resolved bjf2000

    (@bjf2000)


    I’ve been through all settings multiple times, so if this capability is there, apologies, since there are a lot of settings.

    We have email notifications for lockouts enabled. In general, this is a good thing. But hackers have become obsessed with one particular (non-existent) username. Once they hit X number of attempts on a given IP, an email is sent. This happens a lot due to ever-shifting IPs.

    We’d like to never receive emails regarding this particular non-existent account. Is there a way to do that without stopping all lockout emails?

    Yes, that username can be added to the immediately-block list, but as I recall, that also triggers an email.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Hi @bjf2000,

    There is no option to disable emails for a specific username.

    However, I can provide you with some changes to source code that will stop emails for a particular username.

    Edit the file wp-content/plugins/wordfence/lib/wordfenceClass.php at lines 1457 to 1467 and change the function to this one instead:

    public static function lockOutIP($IP, $reason) {
        wfBlock::createLockout($reason, $IP, wfBlock::lockoutDuration(), time(), time(), 1);
        self::getLog()->tagRequestForLockout($reason);
    
        // Skip only the alert email for this one username; the lockout above has already been created.
        if ($reason == "Used an invalid username 'IGNORED_USERNAME' to try to sign in")
            return;
    
        if (wfConfig::get('alertOn_loginLockout')) {
            $message = sprintf(__('A user with IP addr %s has been locked out from signing in or using the password recovery form for the following reason: %s.', 'wordfence'), $IP, $reason);
            if (wfBlock::lockoutDuration() > 0) {
                $message .= "\n" . sprintf(__('The duration of the lockout is %s.', 'wordfence'), wfUtils::makeDuration(wfBlock::lockoutDuration(), true));
            }
            wordfence::alert(__('User locked out from signing in', 'wordfence'), $message, $IP);
        }
    }

    Change IGNORED_USERNAME to the username of your choice. (Remember to keep the single quotes though, so 'MY_USERNAME').

    When an invalid username is attempted, the code at line 2759 calls lockOutIP with a custom reason. The function lockOutIP contains code that both blocks the IP as well as sends an email.

    The change I made at lines 1457 to 1467 is that it will check to see if the reason is caused by an invalid username of your choosing, and if it is, it will not send any email notifications.

    if ($reason == "Used an invalid username 'IGNORED_USERNAME' to try to sign in")
        return;

    Dave

    Thread Starter bjf2000

    (@bjf2000)

    That’s great, thanks. I’ve made the change, so let’s see what happens.

    Thread Starter bjf2000

    (@bjf2000)

    OK, so I think I did it right:

    But emails continue. Is it testing for the right phrase? The key part of the email reads:

    A user with IP addr 2804:14c:5bb5:802f:5da0:a2b3:xxxx:xxxx has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 5. The last username they tried to sign in with was: ‘test’.

    Oh, I forgot there’s another part of the code that also calls lockOutIP, on line 2775.

    Can you also add this between:

    $user_test = 'test';
    if (substr($reason, 0 - strlen($user_test) - 52) == "The last username they tried to sign in with was: '" . $user_test . "'")
        return;

    So the entire function would look like:

    public static function lockOutIP($IP, $reason) {
        wfBlock::createLockout($reason, $IP, wfBlock::lockoutDuration(), time(), time(), 1);
        self::getLog()->tagRequestForLockout($reason);
    
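        // Username whose lockout alert emails are suppressed.
        $user_test = 'test';
        // Login-failure lockouts end with this sentence; 52 is the length of its fixed text, including both single quotes.
        if (substr($reason, 0 - strlen($user_test) - 52) == "The last username they tried to sign in with was: '" . $user_test . "'")
            return;
    
        // Invalid-username lockouts use this reason string in full.
        if ($reason == "Used an invalid username '" . $user_test . "' to try to sign in")
            return;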
    
        if (wfConfig::get('alertOn_loginLockout')) {
            $message = sprintf(__('A user with IP addr %s has been locked out from signing in or using the password recovery form for the following reason: %s.', 'wordfence'), $IP, $reason);
            if (wfBlock::lockoutDuration() > 0) {
                $message .= "\n" . sprintf(__('The duration of the lockout is %s.', 'wordfence'), wfUtils::makeDuration(wfBlock::lockoutDuration(), true));
            }
            wordfence::alert(__('User locked out from signing in', 'wordfence'), $message, $IP);
        }
    }
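
The two string checks in the answer above can be folded into one helper that takes a list of usernames. This is an added example, not part of the thread and not Wordfence code: the function name and the ignore list are hypothetical, and it assumes the reason strings arrive in English exactly as quoted in this thread.

```php
<?php
// Added example (not Wordfence code). wf_reason_names_ignored_user() and
// $ignored are hypothetical names; the two reason formats are the ones
// quoted in this thread and are assumed to be untranslated.

/**
 * Return true when a lockout reason names a username whose alert
 * emails should be suppressed. Unknown reason formats return false,
 * so anything unexpected still produces an alert.
 */
function wf_reason_names_ignored_user(string $reason, array $ignored): bool
{
    $patterns = [
        // Invalid-username lockout: the whole reason is this sentence.
        "/^Used an invalid username '(.*)' to try to sign in\\z/s",
        // Login-failure lockout: the reason ends with this sentence.
        "/The last username they tried to sign in with was: '(.*)'\\z/s",
    ];
    foreach ($patterns as $pattern) {
        if (preg_match($pattern, $reason, $m) === 1) {
            // The capture runs from the first opening quote to the final
            // closing quote, so a submitted name that itself contains
            // quotes is compared as a whole. The comparison is exact,
            // like the == checks in the thread: 'test' does not also
            // silence alerts for 'tester' or 'Test'.
            return in_array($m[1], $ignored, true);
        }
    }
    return false;
}

// Constructed sample reasons for a stand-alone run.
$ignored = ['test'];
$samples = [
    "Used an invalid username 'test' to try to sign in",
    "Exceeded the maximum number of login failures which is: 5. "
        . "The last username they tried to sign in with was: 'test'",
    "Exceeded the maximum number of login failures which is: 5. "
        . "The last username they tried to sign in with was: 'tester'",
    "Some other lockout reason (constructed)",
];
foreach ($samples as $reason) {
    $action = wf_reason_names_ignored_user($reason, $ignored) ? 'suppress' : 'alert';
    printf("%-9s%s\n", $action, $reason);
}
```

Inside lockOutIP the helper would be called right after the tagRequestForLockout line, returning early when it is true. Edits to files under wp-content/plugins/wordfence are replaced when the plugin is updated, so the change has to be reapplied afterwards and the line numbers quoted in the thread may no longer match.
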

    Thread Starter bjf2000

    (@bjf2000)

    Got it, thanks. Will report back.

    Thread Starter bjf2000

    (@bjf2000)

    Wanted to report back that it works! Thanks.

    Great to hear! Thanks for the feedback!

    Dave

  • The topic ‘Stopping select email notifications’ is closed to new replies.