-
In the [use symfony/validator](https://github.com/silverstripe/.github/issues/193) work the new EntropyPasswordValidator was made the default PasswordValidator for CMS 6, however this appears to be a …
-
### Feature Description
Just spotted this project, looks awesome!
The only thing it's missing compared to my current solution is OAuth SSO to third party providers e.g. GitHub, G-suite, MS entraId…
-
I think we should limit the number of password attempts on the signin page.
Currently, the signin mechanism does not comply with PCI Data Security standards, which
requires to limit the number of att…
-
see: https://expressjs.com/en/advanced/best-practice-security.html
-
Hello ,
The website https://admission.vitbhopal.ac.in/xmlrpc.php has the xmlrpc.php file enabled and could thus be potentially used for such an attack against other victim hosts. Wordpress that have …
-
Congrats on expanding the authentication section. The new criteria and indicators look great!! A couple of minor suggestions to consider.
1. Some of the terms need to be explained/defined to clari…
-
### Summary
Hello, it would be great if the ACME container would support DNS-01 challenges.
### Motivation
It's really sad that there is only support for web challenges.
There are some good…
-
I am going through requirements outlined in NIST SP 800-63B for AAL1, to make sure that my Clojure application is compliant. When going through section "5.1.1.2 Memorized Secret Verifiers", it seems …
-
Hi,
it would be cool if I could redirect /wp-admin -> /login (being "login" my chosen string, of course).
This request an external editing i.e htaccess or another redirection plugin, or could be don…
-
Hi,
I've around 500 wordpress sites and while searching for solution for brute force attacks I've found your plugin and decided to try.
What I don't understand is it looks like all the blocked IP's …