IP flagged for potential security violations

  • Resolved Maeve Lander

    (@enigmaweb)


    11 years, 6 months ago

    Hi Sam, one of our clients running Brute Protect is getting their own IP address flagged for potential security violations. Site is https://www.swanmarquees.com.au/ Any suggestions?


    Bit of background in case it’s useful:
    The site is a problem site – it’s been a repeat offender for brute force attacks draining the server resources. We previously tried Limit Login Attempts plugin which was very successful for all our other sites, but which was locking out frequently on this site and preventing the client logging in to edit. Given that both limit login attempts and now Brute Protect plugin are locking down, I’m starting to wonder if this is a problem on the client’s computer itself? Malware hammering the server from their IP? Or is that way off the mark?

    Thanks for your help

    https://www.ads-software.com/plugins/bruteprotect/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor Sam Hotchkiss

    (@samhotchkiss)

    If they didn’t actually try to access their site using the wrong password, then it definitely sounds like there’s malware either on their computer or another computer that’s sharing their home network.

    You could whitelist their IP in the plugin file (we’re introducing a way to do this through the admin soon), although, if they do have malware, then you’re just opening the door and letting the bad guys in.

    Thread Starter Maeve Lander

    (@enigmaweb)

    Thanks for confirmation Sam. I have alerted my client to this potential malware and recommended they run full virus and malware scans on their computers. Hopefully this will identify and resolve the issue.

    Thank you for your help on this.

    Great to hear that whitelist function is being introduced. I think this will be a great addition to the plugin. Nice work.


    On a sidenote, I have the issue that I manage hundreds of WordPress sites so installing a plugin using a unique API for each site would be very time consuming. Generally I use ManageWP for plugin management…. but with your plugin the usefulness of this is limited because I would still have to manually generate and register the API code for each and every site. Any suggestions?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘IP flagged for potential security violations’ is closed to new replies.