Constant lockout notifications

  • Resolved IndyITguy

    (@indyitguy)


    8 years, 7 months ago

    I’ve received 2,900 lockout notifications over the last few hours all from different IPs. The lockouts are attempts at logging in with a username that doesn’t exist so that’s working fine. I changed the login url and that didn’t make a difference. I’m also running the Ultimate Member plugin which I deactivated to see if that was were the attack was happening but it’s not. Running the country block add-on is the only thing that’s helping but that isn’t a permanent solution.

    If this bot/script isn’t hitting my custom login url or the Ultimate Member login page how are they getting a login attempt?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    8 years, 7 months ago

    Hi, do you have the following feature enabled Completely Block Access To XMLRPC: under Firewall -> Basic Firewall Rules?

    Thread Starter IndyITguy

    (@indyitguy)

    8 years, 7 months ago

    I do not because the Jet Pack plugin needs that to work correctly (I believe). I’ve enabled the honeypot option on the login page this morning but haven’t seen a notification since yesterday (I still have the country block addon running). I’m going to give it a day to see if anything comes in, if not then I’ll disable the country blocking and see what happens.

    Thread Starter IndyITguy

    (@indyitguy)

    8 years, 7 months ago

    I just saw the added option for XMLRPC protection if you use something like Jet Pack. I’ve enabled it now… Didn’t know that was added.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    8 years, 7 months ago

    That is great to know. If you don’t need any more help with this thread can you mark it as resolved.

    Thank you

    Thread Starter IndyITguy

    (@indyitguy)

    8 years, 7 months ago

    Enabling the XMLRPC protection option, no more floods of attempts.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Constant lockout notifications’ is closed to new replies.