Fixed bug that prevented Network Brute Force Protection from working properly on some sites.
Tweaks
Added logging for failed two-factor, OAuth, and REST API authentications.
Added logging details about the source of login failures and the type of authentication that failed.
Due to improvements in tracking authentication failures, brute force attempts using alternate authentication methods are more reliably found and blocked.
The server’s IP is treated as whitelisted and will not be considered for lockouts or bans.
Reduced memory usage when creating a backup.
Changed log entry description of “IP Flagged as bad by iThemes IPCheck” to “IP Flagged by Network Brute Force Protection”. This should help clarify the meaning of the log entry.
Improved efficiency of the Network Brute Force Protection feature.