Skip to content

/ wp-fail2ban-redux

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

user enumeration #2

Closed
pjv opened this issue Aug 9, 2016 · 1 comment
Closed

user enumeration #2

pjv opened this issue Aug 9, 2016 · 1 comment

Comments

@pjv
Copy link

@pjv pjv commented Aug 9, 2016

i'm not (yet) using this plugin, but stumbled onto your repo in researching an issue i just posted for the original wp-fail2ban plugin. quickly looking at your code, i think it should have the same issue, so you might want to take a look at: https://wordpress.org/support/topic/false-positive-on-user-enumeration?replies=1

i'm not sure this is the best solution, but off the top of my head, i think that in the function starting around line 140 in /classes/class-wp-fail2ban-redux.php if you check for logged in users and exempted them from the block it would be an improvement.
@thebrandonallen

This comment has been minimized.

Sign in to view
Copy link
Owner

@thebrandonallen thebrandonallen commented Sep 27, 2016

@pjv Thanks for reporting this, by the way! Sorry it took so long to get back to you.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
@pjv @thebrandonallen
You can’t perform that action at this time.