Coming phpBB WordPress 2.6.5 logs

Post a reply


This question is a means of preventing automated form submissions by spambots.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:
BBCode is ON
[img] is ON
[url] is ON
Smilies are ON
Topic review
   

If you wish to attach one or more files enter the details below.

Maximum filesize per attachment: 1 MiB.

Expand view Topic review: Coming phpBB WordPress 2.6.5 logs

Re: Coming phpBB WordPress 2.6.5 logs

by axew3 » Thu Sep 01, 2022 9:55 pm

2.6.5 has been released. Enjoy!

Re: Coming phpBB WordPress 2.6.5 logs

by axew3 » Thu Sep 01, 2022 7:31 pm

The phpBB integration extension (not the WP plugin) will be updated soon to clean up the wordpress brute force record for the user that login in phpBB. This will resolve the problem that is the one explained on the anti bruteforce explain: when user come in WordPress as logged in phpBB, and the id result to be on the bruteforce list, even if the user correctly logged in phpBB, is redirected to login in WP.

Re: Coming phpBB WordPress 2.6.5 logs

by axew3 » Thu Sep 01, 2022 5:48 pm

The third improvement, easily switchable to the old way, is quite well self explained into the file class.wp.w3all-phpbb.php
// may phpBB session expired while the WP user is still logged in
// keep the user logged in resetting the user's phpBB session

3)

Code: Select all

   // may phpBB session expired while the WP user is still logged in
   // keep the user logged in resetting the user's phpBB session
   // remove -> $noBFF = true; on next and -> !isset($noBFF) on following two instructions 
   // to let fire self::w3all_wp_logout(); instead, so to logout the logged WP user when no valid phpBB session found
   
    if ( empty($phpbb_user_session) && $phpbb_u > 2 && is_user_logged_in() ) {
    	  self::phpBB_user_session_set($current_user);
    	  $noBFF = true;
    	 }

Re: Coming phpBB WordPress 2.6.5 logs

by axew3 » Tue Aug 30, 2022 9:10 pm

2) phpBB online users and stats function updated to show correct number of online users, discarding session_IPs from same IP. The result is still not completely correct, when more users are connected via same IP: anyway since it is a rare case, the light code to obtain the result is substantially +- as it was and is not complete.

Coming phpBB WordPress 2.6.5 logs

by axew3 » Wed Aug 24, 2022 5:51 am

The integration plugin is on the way to be updated, follows logs of improvements and changes:

1) Optimize the brute block flow: avoid the account lock when an user is effectively logged in due to legit action in phpBB, but the presented session changed (see fix 3 below)

If any suggestion please just reply.
Cheers!

Top