Plugin | WordPress Gear

Org. Departments

Plugin “Org. Departments” allows you to create a Hierarchical Structure of Departments. And use this Structure in relation to the User.

In the Profile of each User, you can select one or more Subdivisions to which this User is related.

Additionally, it is possible to temporarily Include / Disconnect Users in this Subdivision Structure, without excluding him from a particular Subdivision. This can be useful in some internal situations, such as Academic Leave, etc.

= Futured =
* The number of Levels and Sublevels is not limited.
* The current User does not have the ability to edit his Divisions to which he belongs. The Administrator or Human Resources Manager is expected to establish these links.
* Add Column: “Department” on Admin -> Users List.
* Option: Show Column: “Department” (On/Off).
* Use ShortCode [org.departments] for Show Departments Tree on FrontEnd.
* Search argument for ShortCode [org.departments search=true]. Use for Search in Departments and Members.
Continue reading “Org. Departments”

Adaptive Login Action

Adaptive Login Form: Adjusting compromise between Comfort and Paranoia.

Conception:

If my current IP address is not marked as Dangerous since my last successful login, then there is no need to distrust me and force me to go through Quests to solve different types of Captchas.
In this case, the standard “Password” field is sufficient for one attempt.

But if the Attempt is unsuccessful, then we mark the IP address as Dangerous, and then it is possible and necessary to trick me (or the one who is trying to be me) with a more thorough login procedure.

There may be multilevel options. It doesn’t matter (this will be gradually added to the functionality). We are now talking about the General Principle.

= Futured =

* Separate statistics are generated for each IP address and the ratio “Successful number of entries” / “Total number of entries” is determined. Depending on how close this parameter is to 100%, we can talk about the need for the Toughness of the Mistrust process.

This mechanism starts before the User enters his Login.

The more Unsuccessful Login attempts occur from a given IP Address, the more thoroughly it is checked.
Conversely, the Login procedure can be simplified as much as possible if there is no obvious reason.

* Regardless of what kind of Authentication Error occurred, be it:
– Invalid Username;
– Invalid User Password;
– Incorrectly specified additional security elements: “Secret Key” / Captcha / etc.
This will not be indicated in the error message. There will always be only one message: “Authentication Failed”.
Thus, we do not explicitly indicate to the potential Villain / Bot the reason for the denial of access. And the more such Reasons there are, the more complicated the Entry procedure becomes.

* Интегрирован с плагином “New Users Monitor“.

Continue reading “Adaptive Login Action”

Hack-Info

“Hack-Info” – Free tools (Now, “Hack-Info” – it is a standalone independent complete tool.
Previously, it was like Add-On for “iThemes Security”. But time has shown that it is bad to be dependent on others.. Especially when their DB structure changes.
) to make improve the perception of information about events, which is important to quickly and in detail see and understand. Without the need for unnecessary clicks and conversions. “Hack-Info” notifies the site administrator by providing a detailed list of IP addresses, requests – attempts to scan resources and search for passwords with names.

Continue reading “Hack-Info”

New Users Monitor

“New Users Monitor” – A freeware plugin that will help you quickly find out that you have already been hacked. This is main task of ‘NUM’. Well, in general, ‘NUM’ will inform about the appearance of a new user in WP. If you are an administrator, then such an event is important to you.

* All new users will be highlighted in red until Admin confirm each of them in User-Profile.

* This plugin has already helped out many times when some of our sites were hacked. But we quickly found out about it. And we were able to fast stop the problem.

* With the active Option: “Deny Login if User is not confirmed”, you will sleep much more peacefully.

Continue reading “New Users Monitor”

Plugin Notes

This plugin is rarely updated. Yes there is no need. A good tool and it does its job well. And you do not need to do anything to improve it and make it the operating system. Respect to the author, because he understands.
This plugin no PRO version.

But there is a small, annoying problem (about which most people probably do not even know, especially someone on free hosting sites). This plugin makes a lot of error entries in the log file.
And in general it is possible to live with it. But over time, the log file can grow to an enormous size. This somehow affect the system performance.

Continue reading “Plugin Notes”

Hit Counter Max

Big trouble awaits all who installed this plugin. Now, on your website a huge hole through which specially trained very capable people will be creative with absolutely no demand and without your knowledge.

This is the case when there are malicious code built attractive shell. This bait, which the victim finds itself as it installs itself.

Continue reading “Hit Counter Max”

WordPress Gear

Tag: plugin

Org. Departments

Hack-Info

Users Login Monitor

New Users Monitor

Plugin Notes

Hit Counter Max