• Resolved AME Network

    (@ame-network)


    Hi Janneke,

    Like many WP users, we’re trying everything we can to stop brute force login attempts (we run a lot of WP sites). We were already using the Limit Login Attempts plugin, which helps but doesn’t prevent these attacks, before finding yours. We tried your plugin on a couple of sites, where we cleared the previous login attempts list in LLA to 0. After one day having moved the login URL with your plugin, there have already been botnets that have found the new URL. VERY disappointing. Thought you would want to know.

    BTW, does anyone know how to *permanently* block IPs from any access?

    Thanks,

    AME Network

    https://www.ads-software.com/plugins/rename-wp-login/

Viewing 16 replies (of 16 total)
  • By caveats, I was referring to what https://www.blogaid.net/disable-xml-rpc-in-wordpress-to-prevent-ddos-attack was saying:

    “And, it disables XML-RPC completely, which may disturb third-party applications that use it. …”

    I was thinking that if I don’t care about working with a WP site other than through the standard interface, then those caveats *should* go away, but the article goes on to say:

    “There are several popular apps and plugins that make use of some part of the XML-RPC function. They are:

    JetPack (just some parts of it)
    LibSyn (for podcasts)
    BuddyPress
    Various photo gallery plugins”

    So I guess I’ll have to do some testing.

Viewing 16 replies (of 16 total)
  • The topic ‘Failed After 1 Day’ is closed to new replies.