Login Protection Captcha Does Not Work
-
Dear Support,
After updating to the latest NinjaFirewall, the captcha no longer works and my site immediately bypasses to the login page.
Things I have tried:
1. Deleting bf_conf.php
2. Check php sessions via wp-session.php
3. Reinstalling the pluginThe page I need help with: [log in to see the link]
Viewing 2 replies - 1 through 2 (of 2 total)
-
I managed to diagnose further. The problem is actually in my .htninja (which has not changed for years)
function ip_in_subnet($ip, $subnet) {
if (strpos($subnet, '/') === false) {
return $ip === $subnet;
}
list($subnet, $bits) = explode('/', $subnet);
$ip_bin = inet_pton($ip);
$subnet_bin = inet_pton($subnet);
if ($ip_bin === false || $subnet_bin === false) {
return false;
}
$mask = ~((1 << (128 - $bits)) - 1);
return (unpack('J', $ip_bin)[1] & $mask) === (unpack('J', $subnet_bin)[1] & $mask);
}I then use this to match my server IPs to prevent my group of servers from being blocked.
I have changed it to:
function ip_in_subnet($ip, $subnet) {
if (strpos($subnet, '/') === false) {
return $ip === $subnet;
}
list($subnet, $bits) = explode('/', $subnet);
$ip_bin = inet_pton($ip);
$subnet_bin = inet_pton($subnet);
if ($ip_bin === false || $subnet_bin === false) {
return false;
}
$bytes = (int) floor($bits / 8);
$remainder = $bits % 8;
// Compare full bytes
if (substr($ip_bin, 0, $bytes) !== substr($subnet_bin, 0, $bytes)) {
return false;
}
if ($remainder) {
$mask = chr((0xFF << (8 - $remainder)) & 0xFF);
return (ord($ip_bin[$bytes]) & ord($mask)) === (ord($subnet_bin[$bytes]) & ord($mask));
}
return true;
}
Viewing 2 replies - 1 through 2 (of 2 total)
You must be logged in to reply to this topic.
