E-mails the site owner if anyone reaches or attempts to login to the site. Also shows the user names they attempt to login with.
| Author: | DigiP (profile at wordpress.org) |
| WordPress version required: | 2.0.2 |
| WordPress version tested: | 3.9.40 |
| Plugin version: | 2013-05-30.10 |
| Added to WordPress repository: | 14-08-2012 |
| Last updated: | 16-04-2014
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|
| Rating, %: | 80 |
| Rated by: | 3 |
| Plugin URI: | http://www.ticktockcomputers.com/ |
| Total downloads: | 4 470 |
| Active installs: | 20+ |
Click to start download
|
This is a Security focused plug-in, which will send an email to the Administrator of the WordPress site each time login page is reached.
If someone attempts to login, it will also send the user name they tried logging in with, as well as their IP address, User-Agent, Timestamp, and the Referral URL.
If you see multiple attempts to login at times you are not logged on to the site, this means someone is attempting to brute force their way into your site, and you should ban the offending IP address from your site. Especially if they are trying multiple names, or sending them rapidly, one after another.
FAQ
I received an email when I tried to login myself. Is this normal?
Yes. Because of the way the plug-in works, it will send an email no matter who it is that tries to login. It will also tell you the username attempted as well.
I have the plug-in enabled, but I am not receiving any emails. Whats wrong?
1 – This could be a few things. Number one, we use the email located in your WordPress dashboard, set under the Settings panel. If this is not the email you have set you wish to be reached at, then you would need to change it in the WordPress Dashboard.
2 - Check your spam folder. We send the email to you, from yourself.
3 - Your running a server such as IIS, and you don't have a default mail system in place to send the emails. Because we use PHP to send the emails, you will need to speak with your Host provider, to ensure that you can use this feature.
I see a bunch of user names and just received 30 emails from the plug-in. Is that normal?
YES! And this is the reason I created the plug-in. If you are seeing a large amount of email alerts, even for your own username, but was not you attempting to login, then someone is attacking your site and trying to brute force their way into your site. We suggest you take the IP address listed in the email alert, and ban them from reaching your site. This is a security plug-in, and as such, is meant to help inform you of such attacks.
I found a bug, or have a feature request. Do you think you could implement feature “xyz”?
I am always looking for ways to improve my plug-ins, as well as know if you’ve found any bugs so I can fix them and push them out to WordPress. If there is something you feel would bring value to this plug-in, or a feature specific to your own site, like adding additional email users, I could customize the plug-in for your specific site needs, such as adding additional email addresses, if you have more than one Administrator who handles your site.
ChangeLog
2014-04-16
No codebase changes, just upadting readme to reflect the plug-in works with WP 3.9.x
2013-05-30.10
Added IP address of attacker in Subject line per user request for easy sorting of attackers
2013-01-09.9
Added rule to deny direct access to file, to not dislose server side path errors.
2013-01-05.8
Changing sender address since some users registered with gmail, will not get email from themself and no alerts.
2012-11-26.7
Fix for UTF-8 changed to “UTF-8” encoding for htmlentities.
2012-11-23.6
Changed Subject line to add which site the email is from based on users requests.
2012-08-13.5
Initial Release to WordPress.org
