Quick Cache + Bad Behavior
Posted: August 24th, 2010, 9:27 amJust added Quick Cache to my busy site, TempSensorNEWS.com, and we are very pleased with its ease of use and the way it speeds up the site response. Ran into a little problem this morning, but one with a "Quick Solution".
Our site locked me out with the message "You Are Banned". I couldn't log in or even see the home page - just the Ban message. It was the cache at work.
A banned IP tried to access the site before me and the ban message and action were cached. This is due to another plug in WP-Ban, that I have come to like, also. It rejects any IP address that we post to it after reviewing the list of spammer IPs it has identified. This is on top of Askimet. We get hit a lot by comment and content spammers.
Solution: reduce the ban time from 3600 seconds default to something a bit more usable. Right now we are working our way to find a compromise between the the two plugins -it looks like 600 seconds is a pretty good compromise. It's a while since we reviewed the IP spam list - it keeps a tally on how many spam attempts have been made by IP - Askimet seems to catch most, but not all.
We also use Login Lockdown to try to keep brute force hackers out. Seems to me that WordPress should incorporate some of these anti-bad guy features in a build soon.
Our site locked me out with the message "You Are Banned". I couldn't log in or even see the home page - just the Ban message. It was the cache at work.
A banned IP tried to access the site before me and the ban message and action were cached. This is due to another plug in WP-Ban, that I have come to like, also. It rejects any IP address that we post to it after reviewing the list of spammer IPs it has identified. This is on top of Askimet. We get hit a lot by comment and content spammers.
Solution: reduce the ban time from 3600 seconds default to something a bit more usable. Right now we are working our way to find a compromise between the the two plugins -it looks like 600 seconds is a pretty good compromise. It's a while since we reviewed the IP spam list - it keeps a tally on how many spam attempts have been made by IP - Askimet seems to catch most, but not all.
We also use Login Lockdown to try to keep brute force hackers out. Seems to me that WordPress should incorporate some of these anti-bad guy features in a build soon.