Plugin ini belum teruji dangan 3 rilis besar WordPress. Kemungkinan tidak lagi dipelihara atau didukung, dan mungkin menghadapi masalah kompatibilitas bila digunakan dengan versi WordPress yang lebih baru.

Coin Auth

Deskripsi

This plugin deters brute-force attacks on the WordPress admin dashboard by implementing a “proof-of-work” authentication workflow using the Coinhive.com captcha API. This plugin requires a Coinhive.com account to mine cryptocurrency in the browser. The server will verify the amount of work completed by the client and allow a login request to wp-login.php if verification is successful. We hope to deter brute-force attacks on WordPress sites by introducing this economic control.

To do

  • Logging feature
  • Pull additional data about coinhive account to display in admin dashboard
  • Assign additional work to brute-force offenders automatically

Additional reading

3rd party tools used in this project & privacy

Tangkapan Layar

  • WordPress login, proof-of-work UNVERIFIED
  • WordPress login, proof-of-work VERIFIED
  • Coin Auth Settings
  • 'proof-of-work' workflow

Pemasangan

  1. Upload coin-auth to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Register with coinhive.com -> Dashboard -> Sites & API Keys -> Copy API credentials (Site Key, and Secret Key)
  4. In the WordPress admin dashboard, go to Settings -> Coin auth and enter your API credentials
  5. Click save

PSD (FAQ)

Q: What is cryptocurrency?
A: Magical internet money! Cryptocurrency like bitcoin, and others, are “mined” by solving complex mathematical problems. See additional reading section of this readme to learn more.

Q: What is a brute-force attack?
A: In terms of WordPress, it’s when an adversary tries to guess your password by submitting a lot of login requests.

Q: Will I get rich off of brute force attacks?!
A: More than likely not, but adversaries will waste a lot of time trying to guess your password.

Q: Does this mine Bitcoins in the browser?
A: No, the coinhive API only supports Monero

Q: Is this officially supported, or endorsed by Coinhive.com?
A: No, I am an individual developer and have designed this plugin on my own accord for research. If you need support please visit the Github repo and open an issue.

Q: How do I get money from this plugin?
A: The goal here is to deter brute-force login attacks and waste adversaries time, not to make lots of money. There is cryptocurrency that is generated from each login request and can be deposited to the monero wallet of your choice. This is all configurable in the Coinhive.com dashboard.

Installation Instructions
  1. Upload coin-auth to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Register with coinhive.com -> Dashboard -> Sites & API Keys -> Copy API credentials (Site Key, and Secret Key)
  4. In the WordPress admin dashboard, go to Settings -> Coin auth and enter your API credentials
  5. Click save

Tinjauan

Belum ada masukan untuk plugin ini.

Kontributor & Pengembang

“Coin Auth” adalah perangkat lunak sumber terbuka. Berikut ini mereka yang sudah berkontribusi pada plugin ini.

Para Kontributor

Terjemahkan “Coin Auth” dalam bahasa Anda.

Tertarik mengembangkan?

Lihat kode, periksa repositori SVN , atau mendaftar ke log pengembangan melalui RSS.

Log Perubahan

1.0

  • Initial fork and release

This project was forked from version 1.6 of https://github.com/ashmatadeen/no-captcha