administrator account can't logged in my hosted WP

  • Resolved GM_Rusaku

    (@gm_rusaku)


    8 years, 11 months ago

    There was someone who was attempting to log using the admin account, because of that I set the lockout to 500hrs but that guy just keep switching IP address and even now and then attempts to log using the admin account. Eventually the admin account was accidentaly locked, i tried to unlock it but it was no use even if I try to generate a new password using Forget Password, it still wont log-in, can anyone help me with this? My site is https://nepustation.com and I can’t log in anymore.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I set the lockout to 500hrs

    Don’t use anything to lockout accounts. Try using brute force protect instead via Jetpack.

    https://www.ads-software.com/plugins/jetpack/

    It does a better job and won’t lock you out. Also consider adding two factor authentication. I use this one myself.

    https://www.ads-software.com/plugins/two-factor/

    That will let you login without having others brute force your account and locking you out. Yes, I use both options myself. ??

    Side note: I’ve read the post on your site (hard to miss) and just want to point out that while you may believe that you’ve somehow identified the culprit, odds are you’ve got the wrong person. Threatening to dox someone a) won’t work and b) could land you in deep water.

    Odds are good your site ended up on a list somehow, that’s usually how these things work.

    *Has last of coffee*

    Try that brute force option in Jetpack. You’ll accomplish the same thing without hurting yourself.

    Thread Starter GM_Rusaku

    (@gm_rusaku)

    Thanks for the advice, I will try these plugins.

    Side note: I’ve read the post on your site (hard to miss) and just want to point out that while you may believe that you’ve somehow identified the culprit, odds are you’ve got the wrong person. Threatening to dox someone a) won’t work and b) could land you in deep water.

    Nah, I won’t really do that, to trouble some, why bother filter every IP traces just to locate someone I can’t physicaly punch. I just said that to make it seems like I’m hopless in that situation, and it work, he stopped the brute forced login attacks.

    Also searched somewhere and one of the problem is the theme log in plugin, so I log into phpMyAdmin and did a forced deactivation of the plugins, used a VNP client to bypass the lockout IP problem and I was able to get back on track.
       ____
      ∧_∧ ∧_∧\
    / (?ω?)(?ω?) \
    | ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄|
    | THANKS!! NEPU!! |
    |_________|

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘administrator account can't logged in my hosted WP’ is closed to new replies.