Strange User locked out Activity

Hi,

Are you on a shared server? Have you alerted your hosting company? If not, I’d recommend notifying them as a precaution. Could be a hijacked server at your host.

-Brian

Thank you Brian. I will do that. I wanted to add that something even more strange just happened.

I just cleared cookies from my browser and when I went wp-admin to login, I was locked out as soon as the page loaded. I then got an email from Wordfence that a user was locked out, which was ME.

Here’s the strange part. The IP address in the email was the same as the IP I eluded to in my original post and the “User location” is Provo, United States. The IP address in the email is NOT my IP address, nor do I live in Provo. My host, however, is in Utah.

So, I’m not sure why I’m being recognized by Wordfence with a different IP and location.

I think I figured out what’s happening. Why it’s happening, however, is beyond me.

It appears every hit to my site (bot or human) is being registered by Wordfence as the same IP address, which happens to be my websites server. If I watch the live preview, not one visitor has a different IP address.

The only distinction between each visit (besides the different pages visited) is the info stating operating system, browser, Googlebot, etc.

Has anybody else had this issue?