內容簡介
每天我都收到很多嘗試存取我管理的網站的電子郵件。因此我問自己:「如果突然間在眾多嘗試中成功了一次,我如何得知呢?是不是已經太遲了?」
我認為唯一的方法就是追蹤管理帳戶的登入情況。
如果登錄成功,將發送一封包含帳戶數據和原始 IP 的電子郵件。因此,只要通過電子郵件和內部的兩個鏈接登錄,我就可以立即斷開被入侵帳戶的會話,同時為該帳戶重置密碼,該帳戶將通過第二個發送的電子郵件進行通知。
總之,這是一個能夠挽救你網站生命的解決方案,因為它可以讓你意識到網站上有一些後門可以允許未經授權的訪問。
此外,該插件會為每次被網站管理員訪問記錄日誌,並發送電子郵件通知。如果訪問是由網站管理員進行的,將存儲登錄時間並發送通知,其中包含登錄的帳戶詳細信息。如果訪問未經授權,可以通過鏈接斷開所有設備上的帳戶,或者斷開所有設備上的帳戶並同時重置該帳戶的訪問密碼。在這種情況下,將發送一封新的電子郵件,其中包含新密碼。
外掛標籤
開發者團隊
② 後台搜尋「KolorWeb Access Admin Notification: extreme rescue for unauthorized admin logins」→ 直接安裝(推薦)
原文外掛簡介
What sets this plugin apart?
In a sea of admin login notification plugins, KolorWeb Access Admin Notification stands out for a few key reasons:
Simplicity: This plugin is designed to be lightweight, clean, and simple to use in just 20kb (I challenge you to find something better).
Compatibility: It is regularly updated to ensure compatibility with the latest WordPress versions.
Right checking: Unlike many others, this plugin checks capabilities instead of roles, and this makes a really big big difference when an attacker modifies them by granting administrator privileges to roles that shouldn’t have them.
Lightweight: There are no options to manage and no information overload to store in the database.
Pratical & Quick: One-click logout and password reset capability for unauthorized access directly from mail notification.
I created this plugin because I couldn’t find any existing options that met my specific criteria. If you’re looking for a no-nonsense solution that gets the job done without any extra frills, this is the plugin for you.
Specifically, if you have tried any of these plugins:
Simple Login Notification
Email Notification on Login
Email notification on admin login
Kaya Login Notification
I think it is time to abandon them and move on to a better solution like this one.
Protecting Your Privacy
Your privacy is really really important, which is why KolorWeb Access Admin Notification is committed to safeguarding your data. This plugin does not collect or store any user information, set cookies, or connect to third-party sites. The only data it captures is related to admin-level logins, such as usernames, IP addresses, and user agents.
KolorWeb Access Admin Notification: extreme rescue for unauthorized admin logins is created and maintained by Vincenzo Casu, a seasoned WordPress developer with 20 years of experience.
Updates
If you don’t find any updates, it means that everything is working correctly with the latest WordPress release. But if you have an idea to improve this plugin, write to me.
Intro to the problem and my simple solution
Every day I receive many emails of attempted access to the sites I manage. So I asked myself: “And if suddenly one attempt among the millions of those executed were to be successful, how could I know if not when it is already too late?”
I thought the only way to know is to track admin account logins.
If the login is successful, an email is sent containing the account data and the IP of origin. So as soon as you log in through the email and two links inside it, I can immediately disconnect the sessions of the compromised account, and also reset the password for that account, which will be notified by email with a second sending.
In short, a solution that could save the life of your site because it allows you to become aware that there is some backdoor on the site that allows unauthorized access.
This plugin sends an email notification for every access that is made by the website administrators. When a login is detected by a site administrator, the login time is stored and a notification is sent containing the details of the account that is logged in. If access is not authorized, through a link it is possible to disconnect the account from all devices, or disconnect the account from all devices that have logged in and at the same time reset the access password for that account. In this second case, a new notification is sent containing the new password.
