內容簡介
這個外掛如何運作?
每當使用者嘗試登入 WordPress CMS 時,OWASP 安全性外掛會接收並儲存使用者所在國家的資訊。這個資訊是從 ipinfo.io 取得的,這是一個提供使用者 IP 地址相關資訊的外部服務,並不會以任何方式犧牲 WordPress 的安全性。一旦登入嘗試的國家被識別,該外掛會比較上次 2 小時的成功 CMS 登入地點,如果國家不同,則會標記為未授權的登入嘗試,並發送通知給 OWASP 管理員,建議更改 CMS 密碼。OWASP 管理員的電子郵件地址在外掛設定中被識別為「通知電子郵件」。
外掛標籤
開發者團隊
原文外掛簡介
How does it work?
Every time when user attempts to log in to WordPress CMS, OWASP security plugin receives and stores information about the user’s country. That information comes from ipinfo.io, an external service which provides available information on user’s IP address and does not in any way compromise WordPress security. Once the country of attempted login is identified, the plugin compares current locations with that of the previous successful CMS login within the last 2 hours. If country is different, the plugin flags it as unauthorized login attempt and sends notification to OWASP manager, with recommendation to change CMS password. Email address for OWASP manager is identified in plugin settings as “Notification email”.