brute force attack prevention option got disabled

  • Resolved gsmobina

    (@gsmobina)


    1 year ago

    Hello,

    When I installed the wordfence to one of my set I always make sure the brute force attack prevention option is enabled. However, yesterday I found that this option was disabled as well ad the captacha section unticked. Furthermore, there were whole bunch of posts published that is related to casinos, bets and other that are not related to our website.

    I am using the free version of the plugin and I want to know why the brute force prevention option got disabled?

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @gsmobina,

    Do you have any suspicious users with admin/publishing access that look like they’re responsible for the posts? If so, firstly remove them.

    It sounds to me like somebody has managed to gain access and could be responsible for disabling Wordfence features too, as those don’t turn off automatically by design.

    As Wordfence runs when PHP runs, an alternative attack vector to just signing in through your site could be responsible. For this reason, we recommend updating the passwords for your hosting control panel, FTP, WordPress admin users, and database no matter where you think the threat may have come from.

    Our site cleaning instructions may have some steps that could’ve been missed or help provide a checklist of things you’ve already tried: https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    We always recommend using long unique passwords along with 2FA for your administrative accounts, additionally you might find the WordPress Malware Removal section in our free Learning Center helpful.

    If you are unable to clean the site fully, Wordfence does offer a service (and so do others) but ultimately that choice is yours. If you do wish to discuss this, I can’t go beyond our free plugin here on the forums so please contact presales @ wordfence . com.

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘brute force attack prevention option got disabled’ is closed to new replies.