How can I troubleshoot this issue? I don’t use any other security plugins. I’m on a Litespeed server and use that plugin, and I use the AIOSEO plugin; those are the ones I assume might be conflicting. My site is a multisite. The site in question is my main site.
I’m also annoyed that the speedometer graphic shows my site is green but if it’s just measuring plugin settings that are turned on versus functioning as intended then it’s a misleading indicator.

“This email was sent from your website “JDG” by the Wordfence plugin at Wednesday 17th of July 2024 at 09:26:25 AM
A user with IP address 111.90.148.123 has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 3. The last username they tried to sign in with was: ”.
The duration of the lockout is 4 hours.
User IP: 111.90.148.123
User hostname: server1.kamon.la
User location: Kuala Lumpur, Malaysia??
I have changed the login page,
blocked the access on my CDN except for France for wp-admin, login.php and account/lost-password and for my login page.
XML-RPC is deactivated.
So I don’t understand how it is possible, and how it is possible that “The last username they tried to sign in with was: ‘’”.
Username is empty?
Could you help me?
Best regards,

After cleaning all AIOWPS parts (plugin files, database, etc., as recommended by your instructions here in the forum) and after clearing all caches, I get the following message when trying to log in to WP:
“The site is experiencing technical difficulties. Please check your site admin email inbox for instructions.”
What can I do?
Is this setting still available? I cannot seem to find it anywhere in the AIOS settings. My site is running version 5.2.9.
Thanks…
JGB

Is SiteGround aware of this extremely malicious Brute Force attack? (click below)
https://windowsreport.com/wordpress-brute-force-attack/
https://blog.sucuri.net/2024/03/from-web3-drainer-to-distributed-wordpress-brute-force-attack.html
If so, has it been mitigated via server and plugin security updates?
Thank you!

I have not seen this many illegal login attempts since I changed the URL of the login page (wp-admin) to something else, so I am wondering how it is possible that hackers can still come this far and reach the login page. Is there a bypass somewhere in the AIOWPS plugin or in WordPress?

Where can I get this upgrade? Google research didn’t find usable answers.

I remember the addition at the end of the address.
But when logging in, the page redirects to https://127.0.0.1/.
How to bypass this and get into the site admin area?
The “Immediately lock out invalid usernames” feature is a very useful feature that protects against bots that are trying non-existing usernames. Although the username “admin” is tried most often by bots and this is easily blocked, it is also useful to restrict access for other false usernames that are tried by bots. It is safer to immediately block IP-addresses that try non-existing usernames to gain access, and this also saves server capacity.
https://pasteboard.co/I6PhFSK7f9hW.png <– Firewall page
WordFence allows website administrators to filter any website visitor that uses different usernames than the ones already existing, logically assuming that the actual users, editors and administrators of that WordPress website know their own usernames and will not try a bunch of different usernames to gain access. But WordFence also assumes users will type in their usernames correctly every time.
With the website that I am managing, it is not easy to ‘guess’ the different usernames. Certainly with 2FA added, logging in is very secure. But whenever one of my users or editors (from different locations/IP-addresses) mistypes their username, they are blocked out and have to use the link that is sent to their email address.
Now, I do not want to add the IP-address of every single user to the IP white-list, because this is a lot of work and there are different locations. And I also do not want to turn this feature off, because it saves valuable server capacity and my website responds faster to actual visitors.
So what I am suggesting, is a mistyping algorithm that predicts how the existing usernames could get mistyped, and then allows for a second chance when a mistype occurs.
For example, the username johnsmith is not blocked, and the algorithm predicts that users might mistype this username in the following ways:
Then the words ‘johnamith’, ‘jojnsmith’, ‘johnsmir’ and ‘johnsmiht’ are added to the whitelist. Whenever an IP address types in this username combined with a password that exists in the login database, they are not immediately restricted and blocked. The page will return the login menu and the user will be given a second chance to login.
In conclusion, this is the feature that is missing: