Context Navigation

← Previous Changeset
Next Changeset →

Changeset 2449165

Timestamp:

01/02/2021 03:22:35 PM (5 years ago)

Author:

guardgiant

Message:

Updating readme

Location:

guardgiant

Files:

: 2 edited

tags/2.2.3/README.txt (modified) (2 diffs)
trunk/README.txt (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

guardgiant/tags/2.2.3/README.txt

-                      r2448416
+                      r2449165
 == Description ==
+= Security Features =
+The only plugin with 100% brute force protection that doesn't lock out genuine users.
+= Brute Force Protection =
+This plugin implements a modern approach used by large websites such as Facebook, Google etc.
+When a genuine user makes a successful login to their account using their mobile phone, tablet, or computer GuardGiant starts treating their device as <mark>Trusted</mark>.
+* Failed login attempts from trusted devices are directed towards 'Lost Password' forms rather than being subject to account lockouts or additional counter measures.
+* Users receive an alert when anyone logs into their account from an unrecognized device or browser.
+= Limit Login Attempts =
+GuardGiant uses a range of strong counter-measures to limit failed login attempts from unrecognized devices. The default behaviour is:
+* After 3 failed login attempts from the same unrecognized device, a Google ReCaptcha field is added to the login page. ReCaptcha is a strong counter-measure that is very hard for an automated process to solve.
+* After 10 failed login attempts a temporary block of 2 minutes is applied to the device/IP address. No login attempts can be made during this time.
+* Each further failed login attempt increases the block time by another minute. This slows down attacks to the point where they quickly become unviable.
+All behavior is fully customizable to achieve the level of brute force protection that you require.
+= Login Activity Log =
+A fully featured activity log gives you visibility to all login attempts on your site.
+* Provides geographic location, device type, IP address and more for each login attempt.
+* Filter login attempts by Trusted or Unrecognized devices.
+* Search by IP address or username.
+* Filter by successful or failed attempts.
+* Easy to display successful logins from unrecognized devices that could indicate a hacked account.
+[View 3 things you should be tracking in your activity log.](https://www.guardgiant.com/wordpress-login-activity-3-things-you-should-be-tracking/ "View 3 things you should be tracking in your activity log.")
+This activity log can form an essential part of your brute force login protection plan. GDPR compliant.
+= Other Security Improvements =
+GuardGiant implements numerous other security improvements recommended by the Open Web Application Security Project® (OWASP) to keep your site safe:
+* Obfuscates login errors to stop user enumeration.
+* Obfuscates password reset errors.
+* Option to disable XMLRPC.
+* Refuse guest access to certain sensitive API calls.
+* And much, much more.
+Guardgiant is a modern, lightweight security plugin that is exceptionally easy to use no matter what your level of technical expertize.
+The default settings are highly optimized, designed to prevent brute force attacks whilst not disturbing genuine users from logging in. Advanced users can fully customize the behavior of this plugin to suit their own environment.
+= Brute Force =
+* **brute force**
 * **Brute force protection**
 * **Stop brute force attacks to hack passwords**
 …
 * **Brute force login protection**
-The only plugin with 100% brute force protection that doesn't lock out genuine users.
-= Brute Force Protection =
-This plugin implements an approach used by large websites such as Facebook, Google etc.
-When a genuine user makes a successful login to their account using their mobile phone, tablet, or computer GuardGiant starts treating their device as <mark>Trusted</mark>.
-* Failed login attempts from trusted devices are directed towards 'Lost Password' forms rather than being subject to account lockouts or additional counter measures.
-* Users receive an alert when anyone logs into their account from an unrecognized device or browser.
-= Limit Login Attempts =
-GuardGiant uses a range of strong counter-measures to limit failed login attempts from unrecognized devices. The default behaviour is:
-* After 3 failed login attempts from the same unrecognized device, a Google ReCaptcha field is added to the login page. ReCaptcha is a strong counter-measure that is very hard for an automated process to solve.
-* After 10 failed login attempts a temporary block of 2 minutes is applied to the device/IP address. No login attempts can be made during this time.
-* Each further failed login attempt increases the block time by another minute. This slows down attacks to the point where they quickly become unviable.
-All behavior is fully customizable to achieve the level of brute force protection that you require.
-= Login Activity Log =
-A fully featured activity log gives you visibility to all login attempts on your site.
-* Provides geographic location, device type, IP address and more for each login attempt.
-* Filter login attempts by Trusted or Unrecognized devices.
-* Search by IP address or username.
-* Filter by successful or failed attempts.
-* Easy to display successful logins from unrecognized devices that could indicate a hacked account.
-[View 3 things you should be tracking in your activity log.](https://www.guardgiant.com/wordpress-login-activity-3-things-you-should-be-tracking/ "View 3 things you should be tracking in your activity log.")
-This activity log can form an essential part of your brute force login protection plan. GDPR compliant.
-= Other Security Improvements =
-GuardGiant implements numerous other security improvements recommended by the Open Web Application Security Project® (OWASP) to keep your site safe:
-* Obfuscates login errors to stop user enumeration.
-* Obfuscates password reset errors.
-* Option to disable XMLRPC.
-* Refuse guest access to certain sensitive API calls.
-* And much, much more.
-Guardgiant is a modern, lightweight security plugin that is exceptionally easy to use no matter what your level of technical expertize.
-The default settings are highly optimized, designed to prevent brute force attacks whilst not disturbing genuine users from logging in. Advanced users can fully customize the behavior of this plugin to suit their own environment.
 == Installation ==

guardgiant/trunk/README.txt

-                      r2448416
+                      r2449165
 == Description ==
+= Security Features =
+The only plugin with 100% brute force protection that doesn't lock out genuine users.
+= Brute Force Protection =
+This plugin implements a modern approach used by large websites such as Facebook, Google etc.
+When a genuine user makes a successful login to their account using their mobile phone, tablet, or computer GuardGiant starts treating their device as <mark>Trusted</mark>.
+* Failed login attempts from trusted devices are directed towards 'Lost Password' forms rather than being subject to account lockouts or additional counter measures.
+* Users receive an alert when anyone logs into their account from an unrecognized device or browser.
+= Limit Login Attempts =
+GuardGiant uses a range of strong counter-measures to limit failed login attempts from unrecognized devices. The default behaviour is:
+* After 3 failed login attempts from the same unrecognized device, a Google ReCaptcha field is added to the login page. ReCaptcha is a strong counter-measure that is very hard for an automated process to solve.
+* After 10 failed login attempts a temporary block of 2 minutes is applied to the device/IP address. No login attempts can be made during this time.
+* Each further failed login attempt increases the block time by another minute. This slows down attacks to the point where they quickly become unviable.
+All behavior is fully customizable to achieve the level of brute force protection that you require.
+= Login Activity Log =
+A fully featured activity log gives you visibility to all login attempts on your site.
+* Provides geographic location, device type, IP address and more for each login attempt.
+* Filter login attempts by Trusted or Unrecognized devices.
+* Search by IP address or username.
+* Filter by successful or failed attempts.
+* Easy to display successful logins from unrecognized devices that could indicate a hacked account.
+[View 3 things you should be tracking in your activity log.](https://www.guardgiant.com/wordpress-login-activity-3-things-you-should-be-tracking/ "View 3 things you should be tracking in your activity log.")
+This activity log can form an essential part of your brute force login protection plan. GDPR compliant.
+= Other Security Improvements =
+GuardGiant implements numerous other security improvements recommended by the Open Web Application Security Project® (OWASP) to keep your site safe:
+* Obfuscates login errors to stop user enumeration.
+* Obfuscates password reset errors.
+* Option to disable XMLRPC.
+* Refuse guest access to certain sensitive API calls.
+* And much, much more.
+Guardgiant is a modern, lightweight security plugin that is exceptionally easy to use no matter what your level of technical expertize.
+The default settings are highly optimized, designed to prevent brute force attacks whilst not disturbing genuine users from logging in. Advanced users can fully customize the behavior of this plugin to suit their own environment.
+= Brute Force =
+* **brute force**
 * **Brute force protection**
 * **Stop brute force attacks to hack passwords**
 …
 * **Brute force login protection**
-The only plugin with 100% brute force protection that doesn't lock out genuine users.
-= Brute Force Protection =
-This plugin implements an approach used by large websites such as Facebook, Google etc.
-When a genuine user makes a successful login to their account using their mobile phone, tablet, or computer GuardGiant starts treating their device as <mark>Trusted</mark>.
-* Failed login attempts from trusted devices are directed towards 'Lost Password' forms rather than being subject to account lockouts or additional counter measures.
-* Users receive an alert when anyone logs into their account from an unrecognized device or browser.
-= Limit Login Attempts =
-GuardGiant uses a range of strong counter-measures to limit failed login attempts from unrecognized devices. The default behaviour is:
-* After 3 failed login attempts from the same unrecognized device, a Google ReCaptcha field is added to the login page. ReCaptcha is a strong counter-measure that is very hard for an automated process to solve.
-* After 10 failed login attempts a temporary block of 2 minutes is applied to the device/IP address. No login attempts can be made during this time.
-* Each further failed login attempt increases the block time by another minute. This slows down attacks to the point where they quickly become unviable.
-All behavior is fully customizable to achieve the level of brute force protection that you require.
-= Login Activity Log =
-A fully featured activity log gives you visibility to all login attempts on your site.
-* Provides geographic location, device type, IP address and more for each login attempt.
-* Filter login attempts by Trusted or Unrecognized devices.
-* Search by IP address or username.
-* Filter by successful or failed attempts.
-* Easy to display successful logins from unrecognized devices that could indicate a hacked account.
-[View 3 things you should be tracking in your activity log.](https://www.guardgiant.com/wordpress-login-activity-3-things-you-should-be-tracking/ "View 3 things you should be tracking in your activity log.")
-This activity log can form an essential part of your brute force login protection plan. GDPR compliant.
-= Other Security Improvements =
-GuardGiant implements numerous other security improvements recommended by the Open Web Application Security Project® (OWASP) to keep your site safe:
-* Obfuscates login errors to stop user enumeration.
-* Obfuscates password reset errors.
-* Option to disable XMLRPC.
-* Refuse guest access to certain sensitive API calls.
-* And much, much more.
-Guardgiant is a modern, lightweight security plugin that is exceptionally easy to use no matter what your level of technical expertize.
-The default settings are highly optimized, designed to prevent brute force attacks whilst not disturbing genuine users from logging in. Advanced users can fully customize the behavior of this plugin to suit their own environment.
 == Installation ==

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 2449165

Legend:

guardgiant/tags/2.2.3/README.txt

guardgiant/trunk/README.txt

Download in other formats: