HTTP/1.1 403 Forbidden header on a failed login

by atmosphear

Description

Send an “HTTP/1.1 403 Forbidden” header on a failed login instead of “HTTP/1.1 200 OK”, which is the WordPress default header on failed login. This is a tremendously simple plugin that does only that and absolutely nothing else.

The purpose of this plugin is to provide a way to allow external tools like fail2ban to get a message of a failed login e.g. to prevent a brute-force attack on a firewall level.

For the public domain.

Uses PHP5.3 anonymous functions and will not work on earlier versions of PHP

Reviews

Very useful plugin

By sojic on October 9, 2019

This functionality should be default behavior, implemented in the core of WP. Integration with Fail2Ban significantly increase security and performance of WP. Must have plugin

Отлично

By Ramzzes on March 29, 2017

Работает как заявлено, всё отлично.