VERY large number of lockouts from IP addresses in Italy

  • Not really a support-type question, but since Thursday (Dec 18th) I’ve received 7000 emails of site lockout notices from IP addresses in Italy trying to log in with the Admin.

    I’ve got iThemes Brute Force Protection and local brute force protection enabled, plus automatically ban anyone logging in with Admin.

    Looks like a few others are having this issue in the support threads. Shouldn’t the iThemes Brute Force help stop against this?

    It’s incredibly frustrating to be receiving all these emails and having to scan through them quickly to make certain it isn’t a real threat. I’m glad I set up a separate email address just for security emails as they used to come to my main account.

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 2 replies - 1 through 2 (of 2 total)

  • I do confirm exactly the same issue.

    Tons attacks from Italy and iThemes Security is blocking these IPs for some time only instead of permanent block (even with “Immediately ban a host that attempts to login using the “admin” username.” option enabled).

    Thread Starter Leanne

    (@norlink)

    I have 10,342 emails of admin lockouts over the last 5 days. This is getting ridiculous. This is from about 30 different WordPress websites.

    At least I can do a quick filter messages for : ‘and a user, admin’ to delete them all.

    It’s filling up my log files on all these domains

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘VERY large number of lockouts from IP addresses in Italy’ is closed to new replies.