Support

Hello, I am looking for some direction on a possible way to prevent my admins from being blocked when they don't log off before the session expires. I typically set my blocking at 3 attempts in 10 minutes and autoban after one.

My question is it possible to capture a user's IP logged in to the backend and when their session expires not make it a security exception? Not sure if I am phrasing this correctly.

This is similar to what a bank site does. When your session expires it logs you off. I have found a plugin that alerts you of session expiration but that only accomplishes one part not the firewall issue.

Just curious if this is possible or something that might be considered as a feature.

Thanks

Hi, I was more thinking of a way not to create the security exception for a valid user that has recently logged in. Like possibly capturing the IP address and have it be added to the whitelist for a certain amount of time. So when they come back to the site it's not triggering the firewall even though their session is over. So not really waiting until the session expires but upon login triggering a solution. So a user logs in to the backend, their IP gets added and it stays in for x amount of days the site admin determines. If someone logins successfully they should be OK for some time. I don't really want to set the session time to days as a solution.

I have never asked for any modification to the extension due to it's pretty much got it all. This would be the only thing that could be improved. Some way to not block valid users who either accidentally forget to logout or leave with a few tabs open only to trip the firewall upon going back to the site.

Just a thought and maybe a benefit for others too. If there weren't so many hackers out there I would relax the security but it's pretty bad these days.

Well that's fine if it's not something you will consider. Although if your answer were how it was I wouldn't be here asking. I have it set to 3 and they are tripping it and getting banned. Probably leaving 3 windows open. I work like this often and have kicked myself out before.

I just thought it would be a cool option. I do not know all the implications of it being added. Too bad it could not be an optional setting.

This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.