Block a username not an IP

Thanks for reaching out.

The closest thing to what you want is on the Wordfence > Firewall > All Firewall Options page on your site in the Brute Force Protection section. Add the username to the box beside “Immediately block the IP of users who try to sign in as these usernames” and click enter. Don’t forget to save the changes before leaving the page.

There is one thing I do want to warn you about though. This matches partial entries so blocking admin would also block webadmin, superadmin, adminisawesome, etc. Make sure and use the complete username to avoid any issues.

Do you know what part of the login they keep failing at?

Mia

Thank you for your answer.

The IP address was blocked because someone (a legitimate user) tried to log in with the wrong password 10× in a row. So I had to remove the IP from the block list to allow people from that company to log in again (who share this same public IP address).

After thinking about it, the solution I was thinking of –temporarily blocking the user’s account and not the IP– is not a good solution because someone with malicious intent could block a user’s account if they knew their email address or username.

So I will leave it as is. It is very rare that a legitimate user will try to log in so many times after all.

Thanks again for your support!