White list for access, but not to bypass locked out.

  • Resolved vinhtvu2

    (@vinhtvu2)


    7 years, 11 months ago

    Is there anyway I can request for this feature?

    Basically, I want to blacklist everyone except the few IP addresses / range that I allow, but I don’t want to fully put them on the white list, because that will negate the lock out completely.

    I am currently doing it by blacklisting every IP range that should not be able to login, which is simple if it’s just all public IP addresses leaving the 10.x.x.x, 172.16.x.x, and 192.168.0.x range accessible. The only problem with this approach is slowly, we have to add one-off IP addresses for vendors, and it get convoluted trying to block, but I don’t want to white list them so they can negate the password try attempts and other blocking function either. I’m not sure if that make sense to you, I hope I explained it correctly.

    This is my current block list for all public IP addresses:
    1.0.0.0 – 9.255.255.255 Remove Check for activity
    11.0.0.0 – 171.255.255.255 Remove Check for activity
    172.0.0.0 – 172.15.255.255 Remove Check for activity
    172.32.0.0 – 172.255.255.255 Remove Check for activity
    173.0.0.1 – 254.255.255.255 Remove Check for activity

    Also, I want to say this is an awesome plugin! Make it so much easier for tightening up security instead of using hard-coded apache/nginx configuration changes. If you sync up the Github with the WordPress SVN, I can probably do this function and put in a pull-request. I found the github for this but it’s outdated sometime in 2015.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author gioni

    (@gioni)

    Hi, vinhtvu2!

    I think I understand your idea.
    How many users do you have on the site?
    How are they professional in terms of using their accounts on websites and understanding what’s username?

    Thread Starter vinhtvu2

    (@vinhtvu2)

    We have about 125 users, mostly content editors.
    They all use their active directory account for authentication and authorization. So that’s pretty simple.
    I use this plugin mostly for having the access log and blocking functions.

    Plugin Author gioni

    (@gioni)

    I’ve implemented applying limit login rules for IPs in the White IP Access List. Please check out a new development version, read more: https://www.facebook.com/wpcerber/

    Thread Starter vinhtvu2

    (@vinhtvu2)

    You’re awesome! Thanks for this.
    Extremely useful. I applied the update to all the sites and it’s working flawlessly.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘White list for access, but not to bypass locked out.’ is closed to new replies.