mirror of
https://github.com/10h30/ultimatemember.git
synced 2026-07-11 18:56:10 +09:00
Implement directory privacy settings and add rate limiting
Adds configurable privacy options for member directories, allowing restrictions on visibility based on roles or login status. Introduces rate limiting for unauthenticated AJAX requests to prevent brute-force attacks or abuse.
This commit is contained in:
@@ -209,6 +209,13 @@ if ( ! class_exists( 'um\admin\Secure' ) ) {
|
||||
$scanner_content .= '</span>';
|
||||
|
||||
$secure_fields = array(
|
||||
array(
|
||||
'id' => 'ajax_nopriv_rate_limit',
|
||||
'type' => 'checkbox',
|
||||
'label' => __( 'Rate Limit', 'ultimate-member' ),
|
||||
'checkbox_label' => __( 'Enable Rate Limiting', 'ultimate-member' ),
|
||||
'description' => __( 'This prevents brute-force enumeration attempts in guest AJAX requests.', 'ultimate-member' ),
|
||||
),
|
||||
array(
|
||||
'id' => 'banned_capabilities',
|
||||
'type' => 'multi_checkbox',
|
||||
|
||||
Reference in New Issue
Block a user