Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

user enumeration #2

Closed
pjv opened this issue Aug 9, 2016 · 1 comment
Closed

user enumeration #2

pjv opened this issue Aug 9, 2016 · 1 comment

Comments

@pjv
Copy link

@pjv pjv commented Aug 9, 2016

i'm not (yet) using this plugin, but stumbled onto your repo in researching an issue i just posted for the original wp-fail2ban plugin. quickly looking at your code, i think it should have the same issue, so you might want to take a look at: https://wordpress.org/support/topic/false-positive-on-user-enumeration?replies=1

i'm not sure this is the best solution, but off the top of my head, i think that in the function starting around line 140 in /classes/class-wp-fail2ban-redux.php if you check for logged in users and exempted them from the block it would be an improvement.

@thebrandonallen

This comment has been minimized.

Copy link
Owner

@thebrandonallen thebrandonallen commented Sep 27, 2016

@pjv Thanks for reporting this, by the way! Sorry it took so long to get back to you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.