Download the PHP package lipemat/limit-logins without Composer
On this page you can find all versions of the php package lipemat/limit-logins. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download lipemat/limit-logins
More information about lipemat/limit-logins
Files in lipemat/limit-logins
Package limit-logins
Short Description WordPress plugin to prevent brute force attacks
License MIT
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package limit-logins
Limit Logins
WordPress plugin that limits the number of concurrent logins for a user.
If you really want to prevent brute force attacks and are not concerned with annoying your legitimate users, this plugin may be for you.
Purpose
I had been using other limit login attempts plugins for a long time. Every time an attacker can find a way to attempt more logins than the set number, I wrote another extension and unit tests. While writing around something like 30 tests, I realized that no third-party plugin was ever going to provide the desired level of security.
This plugin is the combination of every extension and unit test I wrote for the other plugins.
Sorry attackers, but I'm over you. :-p
Tracks
- User ID
- IP Address
If the same IP or username fails to log in more than 5 times then neither the user, nor the IP will be able to log in for 12 hours.
Notifications
An email is sent to the blocked user with a link to reset their password or unlock their account. This allows a legitimate user to regain access without waiting for the lockout period to expire.
User Security
User Endpoints
By default, WP provides user archives and REST endpoints for your users. Unfortunately, these endpoints expose the usernames of your users and give attackers something to go on.
On the settings screen you will find options to disable these endpoints and prevent the exposure of usernames.
Usernames
This library prevents common admin usernames from being used when creating a new user. Combined with disabling user endpoints, this makes it extremely difficult for an attacker to guess a valid username.
Oembed Endpoint
The oEmbed endpoint exposes the main user's username to the public. This plugin disables oEmbed embedding of the site and REST API.
Installation
Usage
Notes
This plugin is intended to be used within an OnPoint Plugins project. It is likely going to have a lot of assumptions that are specific to our projects.
All versions of limit-logins with dependencies
lipemat/wordpress-libs Version >= 5.0.0 || dev-develop@dev
php Version >=8.2
pimple/pimple Version ^3.5