Description
How does it work?
Every time when user attempts to log in to WordPress CMS, OWASP security plugin receives and stores information about the user’s country. That information comes from ipinfo.io, an external service which provides available information on user’s IP address and does not in any way compromise WordPress security. Once the country of attempted login is identified, the plugin compares current locations with that of the previous successful CMS login within the last 2 hours. If country is different, the plugin flags it as unauthorized login attempt and sends notification to OWASP manager, with recommendation to change CMS password. Email address for OWASP manager is identified in plugin settings as “Notification email”.