• Resolved jonmackintosh

    (@jonmackintosh)


    Brute force protection is working for sites contained within multisite installations, but not for the main multisite login. Does anyone have experience of this issue and/or a remedy? I should also add that the same issue applies to immediate lockouts, which work on individual sites but not the main multisite site. Thanks

    • This topic was modified 2 years, 6 months ago by jonmackintosh.
Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @jonmackintosh, thanks for reaching out to us!

    I’ve not seen prior cases of this reported by customers running multisite installations with Wordfence so a little more information would be needed to assist you.

    Firstly, are you using Wordfence Central to manage your sites? It may also be useful to send us a diagnostic from the main site experiencing the issues to wftest @ wordfence . com. You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thanks,

    Peter.

    Thread Starter jonmackintosh

    (@jonmackintosh)

    Hello, apologies for the delay in getting back to you. We are using Wordfence Security only, as this appeared to provide the necessary combination of tools. I have selected one of the affected multisites and have sent the requested diagnostics. Thank you.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @jonmackintosh, thanks for getting back to me and sending those diagnostics over!

    The main domain in diagnostics begins with local. although the site does have a public IP address. If users within the organization are connecting from within the organization’s network with an IP in a private network range, they won’t be blocked. Are users that aren’t being blocked connecting via a private network?

    The diagnostics report doesn’t show a private IP though, so this may not be part of the issue. When you say Brute Force and immediate lockouts aren’t working, are you testing from the same machine used for sending the diagnostics, or are you seeing users fail logins repeatedly?

    Thanks again,

    Peter.

    Thread Starter jonmackintosh

    (@jonmackintosh)

    Apologies for the tardy response. We have located the cause of the issues. We have a standalone LDAP Authentication plugin that limits users to those accounts recognised by the institution, and it would appear that the timings of checks within our LDAP Authentication plugin and Wordfence and other plugins with rate limiting functionalities do not ‘play well together’.

  • The topic ‘Brute force protection on multisite login?’ is closed to new replies.