Bot Lock

  • Resolved hari2014

    (@hari2014)


    1 month ago

    Every day I get the same bots trying to log in with the same username but different IP addresses. They get blocked, which is fine. Is there an option to block specific usernames by default, so they can’t even access the website in the first place?

    Example:
    Blocked username = Orlandoswege
    Tries to log in with different IP addresses but gets blocked immediately because their username is on the blacklist, regardless of the IP address they try to use!

    Can something like this be implemented? Or is it already implemented, and I just haven’t noticed it? Thanks for any answers.

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 month ago

    Hi @hari2014,

    Could you please cross-check the audit log? Does it show any login attempts using the wp-login.php page? It isn’t possible to block a username instantly.

    Also, please review the site access logs to see if the requests have a specific user agent — something different from a standard browser — that you might have configured to block under AIOS → Firewall → Block and Allowlist.

    Finally, please check AIOS → User Security → Login Lockout. There’s an option called “Instantly lockout specific usernames”, but note that it requires at least one login attempt from that IP before the lockout is triggered; it doesn’t block instantly on the first request.

    Regards

    Thread Starter hari2014

    (@hari2014)

    1 month ago

    I use Ultimate Member as my login. I renamed the WordPress login page for security. It would be great if there were an option to block certain usernames from accessing the site altogether and permanently block them, with the option to contact the admin.

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 month ago

    Hi @hari2014

    Thanks for your suggestion, let me create an internal ticket for this.

     AIOS → User Security → Login Lockout. There’s an option called “Instantly lockout specific usernames”  is not useful ?

    Regards

    Thread Starter hari2014

    (@hari2014)

    1 month ago

    Doch natürlich ! aber Sie werden nur eine bestimmte Zeit gesperrt und nicht völlig ausgeschlossen. Oder sehe ich das falsch? Vielen Dank für euren tollen Support.

    Thread Starter hari2014

    (@hari2014)

    1 month ago

    For now, I’ve set it up so that the minimum lock lasts 2 days and the maximum 1 week.

    Minimum = 2880
    Maximum = 10080

    Einstellung

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    1 month ago

    Hi @hari2014

    Could you please increase the Login retry time period?
    Also, make sure that the Allow unlock request option is enabled, so genuine users can submit an unlock request if they’re locked out.

    Regards

Viewing 6 replies - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.