Feature request: permanently ban anyone using the admin username

  • I turned on immediate and automatic one hour site lockout for anyone using the wrong username but unfortunately that means that I’m getting flooded hour after hour day in and out with lockout e-mails for the non-existing admin account.

    I don’t want to turn on permanent blacklist for anyone using the wrong username because that means that I have to manually unlock it for a lot of users who are actually posting and sometimes are spelling their names wrong.

    Is there any way to just permanently ban the IP:s who are attempting to use a certain username, like “admin” for example?

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi c_dilla thank you for your request. The developers will take this into account and review further.

    Thank you

    Thread Starter c_dilla

    (@c_dilla)

    Thanks, 99,9% is bots trying to login according to the logs and they’re always using the (non-existing) admin username. I just felt like it would be a good security measurement to ban the IP:s of these bots instead of even wasting resources on handling their requests.

    I’m sure that you could ban their subnets and so on or ban Russia and China and so on completely but I’d rather not go there.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Have you tried to implement one of the Brute Force feature?

    Thread Starter c_dilla

    (@c_dilla)

    I’ve enabled some of it, like Login Form Captcha and Honeypot.

    Do you mean the Rename Login Page? I guess that I could do that but then I was afraid that it was gonna be trouble for everyone who are actually contributing to the site.

    Since I’m using AJAX I was a bit afraid of enabling the Cookie Based Brute Force Login Prevention.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, you can always carry out a test and see what happens. There is an option you can enable My Site Has a Theme or Plugins Which Use AJAX: which might help as well.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Feature request: permanently ban anyone using the admin username’ is closed to new replies.