Getting lot of Site Lockout Notification

  • Resolved totallywp

    (@panatapattu)


    2 years, 4 months ago

    Hi,

    I am getting Site Lockout Notifications for so many websites. Most are saying that trying to access using an admin username. There are some emails coming the same with an existing username as well.

    What action should I take for this?

    Thanks in advance

Viewing 6 replies - 1 through 6 (of 6 total)

  • Hi totallywp,

    Step 1: Navigate to the plugin Logs page and filter for all Local Brute Force entries. Then click on the View Details link of some displayed entries and check the value(s) for the URL/Login Source fields.

    This will tell you which brute force method(s) is(are) being used to attack your site.

    Once you know which brute force methods are being used, you can take the appropriate steps to stop them.

    +++++ To prevent any confusion, I’m not iThemes +++++

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @panatapattu, the Lockout Notifications mean that the plugin is helping prevent attacks on your site, by keeping out unauthorized users trying to guess usernames and passwords. Unfortunately, there isn’t a way to stop them from trying. I would recommend turning on the Security Digest instead, as this will give you a daily summary instead of multiple emails. Make sure to uncheck “Site Lockouts” and check “Security Digest” under the Notifications tab.

    Hi totallywp,

    Unfortunately, there isn’t a way to stop them from trying.

    I’m afraid this is simply not true.

    Ideally you don’t want any malicious (brute force) traffic slowing down your site.

    The Lockout Notifications indicate your site is under brute force attack(s). It basically means your site is considered an easy target on the internet. If it was not, the attackers (botnet) would move on to … yup, easier targets.

    If you don’t want your site to belong to the low hanging fruit on the internet, follow my steps. If you don’t care, follow the chandelierrr advice ??

    Hi Nlpro,

    What exactly do you do once you follow these steps to help prevent the attacks?

    `Step 1: Navigate to the plugin Logs page and filter for all Local Brute Force entries. Then click on the View Details link of some displayed entries and check the value(s) for the URL/Login Source fields.

    This will tell you which brute force method(s) is(are) being used to attack your site.

    Once you know which brute force methods are being used, you can take the appropriate steps to stop them.`

    Thanks very much, I’m new to this.

    • This reply was modified 2 years, 3 months ago by leanne999.

    Hi leanne999,

    You simply activate/enable the iTSec feature that stops the specific type of brute force attack.

    Which one(s) depends on the data logged by the iTSec plugin.

    Is your site currently under brute force attacks?
    If so what type of brute force attack data did you find in the Logs page?

    Once the proper measure has been taken to stop the brute force attack(s) there are still some other things to do in order to prevent your site from being the low hanging fruit on the internet.

    eg: Stop user enumeration.

    +++++ To prevent any confusion, I’m not iThemes +++++

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @leanne999, I hope the information provided helped resolve the issue. Since we haven’t received a response, I’ll mark this post resolved. If you still need some assistance, feel free to open a new support topic, and we’d be happy to assist. Thank you!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Getting lot of Site Lockout Notification’ is closed to new replies.