Include a blank username check in IP Blocking > Login Bots options#91

The IP Blocking settings have a check for Invalid Usernames, with options to set an action when someone submits an invalid username (eg incrementing the offence counter).

My traffic logs are showing that I am getting people making POSTs (and using other plugins/tools to check, too) I can see that they are posting blank usernames.

I have set my IP Blocking options to double increment the offence count with invalid usernames, but this isn’t happening so blank usernames can’t be included in this check at the moment.

All other settings are being evaded - these are presenting as valid user agents, and not being seen as bots. I suspect that they are scipting with their language of choice to identify sites at the moment.

They also must be checking the “I’m a human” box for the POST to be made.

Being able to increase the offence counter and/or block IP addresses that attempt blank usernames would be very useful. Either as part of the invalid username check, or a separate option.

A separate option may be useful because actually anyone that tries to logon with a blank username, I probably do want to immediatley block (not everyone will want the same) whereas I don’t really want to immediately block someone who has simply made a spelling mistake in their usrname making it an invalid username.

Checking of empty usernames will be included in the Invalid Username check for Shield 10.2

Awesome! Great work, and I tip my hat to the team for the fast action!