There are three types of attacks that this plugin can detect.
1. Different session IDs from one IP address. ( Possible brute force attack )
2. Same session ID from different IP addresses. ( Possible session hijack attack )
3. Same session ID from different user agent. ( Possible session hijack attack )
There are two types of detections. "Realtime Detection" and "Interval Detection". ( "Interval Detection" is the default )
When attacks are detected, an alert is logged and information about the access is logged to each file.