Loginizer is a WordPress plugin which helps you fight against bruteforce attack.
|Author:||Raj Kothari (profile at wordpress.org)|
|WordPress version required:||3.0|
|WordPress version tested:||4.9.6|
|Added to WordPress repository:||27-01-2016|
|Total downloads:||2 748 311|
|Active installs:||700 000+|
Click to start download
Upload the Loginizer plugin to your blog, Activate it.
That’s it. You’re done!
- [Feature] Made Loginizer BuddyPress compatible.
- [Bug Fix] There is an XSS bug introduced in version 1.3.8. This is fixed. Please upgrade ASAP. Thanks to Leigh at Dewhurst Security – https://dewhurstsecurity.com
- [Feature] Added an option to Enable / Disable Brute Force checks.
- [Feature] Added the feature to log the URL of the page from which the brute force attempt is being made.
- [Feature] Added an option to Delete the entire Blacklist / Whitelist IP Ranges.
- [Feature] Custom IP Header added as an option for detecting the IP as per the Proxy settings of a server.
- [Bug Fix] In WooCommerce the number of login retries left was not being shown. This is fixed.
- [Bug Fix] Blacklist and Whitelist IPs were not being deleted. This is fixed.
- [Feature] Pagination added to the Blacklist and Whitelist IPs
- [Bug Fix] SQL Injection fix for X-Forwarded-For. This is fixed. Vulnerability was found by Jonas Lejon of WPScans.com
- [Bug Fix] There was a missing referrer check in Blacklist and Whitelist IP Wizard. This is fixed.
- [Feature] Added a wizard for admins to set their own language strings for Brute Force messages
- [Bug Fix] Twitter box shown in Loginizer was not accessed over HTTPS.
- [Bug Fix] Fixed the BigInteger Class for PHP 7 compatibility.
- [Feature] IPv6 support has been added.
- [Feature] The last attempted username will now be shown in the Login Logs.
- [Bug Fix] The documentation in the plugin was pointing to a wrong link. This is now fixed.
- [Feature] Added option to choose between REMOTE_ADDR, HTTP_CLIENT_IP and HTTP_X_FORWARDED for websites behind a proxy
- [Task] The news.js will now be loaded from HTTPS servers
- [Feature] The Login attempt logs will now be shown as per the last attempt TIME and in Descending Order
- [Feature] Added an option to Reset the Login attempts for all or specific IPs
- [Feature] Added pagination in the Brute Force Logs Wizard
- [Bug Fix] Disabling and Re-Enabling Loginizer caused an SQL error
- [Task] The brute force logs will now be sorted as per the time of failed login attemps
- [Bug Fix] Dashboard showed wrong permissions if wp-content path had been changed
- [Bug Fix] Added Directory path to include files which caused issues with some plugins
- [Bug Fix] Added ABSPATH instead of get_home_path()
- [Feature] New Dashboard
- [Feature] System Information added in the new Dashboard
- [Feature] File Permissions added in the new Dashboard
- [Feature] New UI
- [Bug Fix] Fixed bug to add IP Range from 0.0.0.1 – 255.255.255.255
- [Bug Fix] Removed /e from preg_replace causing warnings in PHP
- Fixed Extended Lockout bug
- Fixed Lockout bug
- Handle login attempts via XML-RPC
- Database structure changes to make the plugin work faster
- Minor fixes
- Blocks IP after maximum retries allowed
- Extended Lockout after maximum lockouts allowed
- Email notification to admin after max lockouts
- Blacklist IP/IP range
- Whitelist IP/IP range
- Check logs of failed attempts
- Create IP ranges
- Delete IP ranges
- Licensed under GNU GPL version 3
- Safe & Secure