Doesn’t work

  • Pretty useless. I login and I see 13 pages of failed logins in the user login log. I check in the loginizer and I see the same URL as failed attempts 2, Lockouts count 2.
    So what are the other 3,000 attempts in the user login log?
    To many features for which free plugins are available only available as a pro version. Means having three different plugins to do what one should.
    #Fail

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Contributor loginizer

    (@loginizer)

    Hi,

    Sorry to hear about your bad experience with Loginizer.

    When a user from any IP makes 3 failed attempts that IP is blocked for 15 minutes which is counted as 1 lockout. Then that IP can again attempt to login 3 more times then they are blocked again for 15 minutes. After 3 such lockouts that IP is blocked for 24 hours which is Extended Lockout. You can change the number of attempts to be allowed before lockout or how much time should the IP be blocked after failed attempts and after how many lockouts should the IP be blocked for Extended Lockouts.

    You can change these settings from Brute Froce Page in Loginizer.

    If you see multiple login attempts from the same IP you can also blacklist the IP.

    Or as you said you see same URLs where the login attempt is being made, if the URL is for xmlrpc you can disable xmlrpc or rename the URL for xmlrpc or if it is for the wp-login.php page you can rename the login page or you can enable reCAPTCHA on login page and it will stop bots from attacking your site. These three features are in the Pro version.

    If you need any assistance feel free to open a support ticket with us at :
    https://softaculous.deskuss.com/open.php?topicId=16

    Thread Starter aseannewstoday

    (@aecnews)

    Mate,
    I had it set to lock out after 1 failed attempt. There was 3,000 failed attempts ALL FROM THE SAME URL. Your product doesn’t work.
    Lots of features only available in a pro version.Lots of bloated advertising and promotional banners all over the screen.
    I threw your product off and put Login LockDown on (A FREE PRODUCT) with the same settings and the there is one attempted login from each URL. Not 3,000.
    xmlrpc is disabled with Stop XML-RPC Attacks (ANOTHER FREE PRODUCT)
    ANd the Login URL is already renamed with WPS Hide Login (ANOTHER FREE PRODUCT)
    So, exactly what are you providing?

    Plugin Contributor loginizer

    (@loginizer)

    Hello,

    Glad to know you were able to find alternative plugins to serve your requirements.

    If you would like us to take a look why the 3000 attempts were still possible please submit a support ticket and we will check it asap :
    https://softaculous.deskuss.com/open.php?topicId=16

    Plugin Contributor loginizer

    (@loginizer)

    Hello,

    We checked this in more detail and found the following details :

    It seems the failed attempts you see in other Logs plugins is actually a blocked attempt by Loginizer but WordPress does not have the option to mark the login attempt as blocked it has only failed option hence this confusion.

    We have requested WordPress team to add a “Blocked” status so it makes clear the the attempt was blocked and not failed attempt.

    We will also work on improving the process that the blacklisted IP should not be even able to attempt and should simply not be able to post the login credentials.

    Thank you for bringing this issue to our notice.

    We will make the changes to improve this asap.

    Thread Starter aseannewstoday

    (@aecnews)

    Thank you.
    If the IP is blocked it shouldn’t even get to the login page though. I mean, that’s the whole point of having them blocked. Not so they can keep tapping away and generating faults from being blocked.

    Plugin Contributor loginizer

    (@loginizer)

    Got it!

    We will make the changes not to display the login page if they are blocked.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Doesn’t work’ is closed to new replies.