• Resolved nobleknight

    (@nobleknight)


    Hello.

    I’m getting a strange thing lately. Even with renaming the login URL, I got login attempts, and with newly created usernames!
    How can this happen?! How can they know the new login URL and the new usernames?

    My config:
    – Server: Linux 4.18.0/OpenLiteSpeed
    – WordPress: 5.6
    – Theme: Page Speed 1.60
    – All In One WP Security: 4.4.6
    – PHP Version : 7.4.13
    – MySQL Version : 5.5.5

    Could anyone, please, give me more insights on this?

    Thank you very much.

Viewing 14 replies - 1 through 14 (of 14 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    Please check the following documentation.

    https://mbrsolution.com/wordpress/aiowps-plugin-pingback-protection-settings.php

    Also your MySQL Version : 5.5.5 is old and no longer supported. Please check the following link to learn more.

    https://en.wikipedia.org/wiki/MySQL

    Let me know if the above helps you.

    Thank you

    • This reply was modified 3 years, 11 months ago by mbrsolution.
    Thread Starter nobleknight

    (@nobleknight)

    Thanks mbrsolution, but the feature “Completely Block Access To XMLRPC” is already enabled.

    Edit: the feature is enabled, but I think the xmlrpc.php file is still active as I get the “XML-RPC server accepts POST requests only” when accessing it. I’ll check the troubleshooting methods you provided in the link and let you know.

    • This reply was modified 3 years, 11 months ago by nobleknight.
    Thread Starter nobleknight

    (@nobleknight)

    Well, I tried the following from your troubleshooting article:

    – Option 1: Disabling and re-enabling the “Completely Block Access To XMLRPC” feature; but this didn’t work.

    – Option 2: The .htaccess file contains the following (I’m not sure if it is OK):

    #AIOWPS_PINGBACK_HTACCESS_RULES_START
    <Files xmlrpc.php>
    <IfModule mod_authz_core.c>
    Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    </IfModule>
    </Files>
    #AIOWPS_PINGBACK_HTACCESS_RULES_END

    – Option 3: File permissions are as recommended by the plugin.

    If you think that the entry from the .htaccess file is ok, I will try the last option, which is cleaning the .htaccess file, then reinstalling AIOWPS plugin with the previous settings.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    In option 2 above, your pingback entry has too much code. Have you by any chance enabled both pingback options? If you have, make sure you only activate one.

    Regards

    Thread Starter nobleknight

    (@nobleknight)

    No, only one option is enabled; though I cleaned this part of code with yours, but the xmlrpc.php file is still active.

    I’ll check if anything related to XMLRPC is in other plugins; I have Hummingbird and Asset Cleanup, and I think one of them or both is controlling it somewhere.

    If I find nothing, I will perform the last option.

    Thread Starter nobleknight

    (@nobleknight)

    The “Asset cleanup” plugin has a feature for disabling xmlrpc, but using it didn’t work either. Even writing the required code directly into the .htaccess file!

    Seeing that, I contacted my hosting provider and asked them if they had something related in the server config that would prevent these changes, and they told me that they have such a thing and they set it to block the access to xmlrpc.

    So, sorry for bothering you.

    I just have one last question, please:
    Is renaming the admin login URL still useful? Could anyone find it by just accessing xmlrpc?!!

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    > Seeing that, I contacted my hosting provider and asked them if they had something related in the server config that would prevent these changes, and they told me that they have such a thing and they set it to block the access to xmlrpc.

    That is very good news.

    > Is renaming the admin login URL still useful?

    Yes it is and you will find many security plugins and even themes that allow you to change the site login URL.

    > Could anyone find it by just accessing xmlrpc?!!

    No. Unless they are good at guessing, they will never discover your secret word.

    Kind regards

    Thread Starter nobleknight

    (@nobleknight)

    Yeah, my question about whether they can get the new login URL was just because I was having attempts to log in even after changing it!

    Is AIOWPS reporting every attempt, even on an incorrect URL?! Or is it reporting just the attempts using the current URL?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    > Is AIOWPS reporting every attempt, even on an incorrect URL?! Or is it reporting just the attempts using the current URL?

    When you enable “Enable 404 IP Detection and Lockout”, all 404 events on your site will be logged. You can monitor these events and select some IP addresses listed and block them for a specified amount of time. All IP addresses you select to be blocked from the “404 Event Logs” table section will be unable to access your site during the time specified.

    Thank you

    Thread Starter nobleknight

    (@nobleknight)

    OK; I will check this feature. Currently, I’m not using it.

    But the records I was talking about are in “User Login/Failed Login Records”, and are reported after renaming the login URL!

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    > But the records I was talking about are in “User Login/Failed Login Records”, and are reported after renaming the login URL!

    I think they were targeting your xmlrpc.php file.

    Regards
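
    One way to check the suggestion above against the web server's access log, as an added example that is not part of the thread or of the plugin's code: it counts POST requests per login surface and status code, and lists the client IPs whose xmlrpc.php POSTs were answered rather than refused. It assumes the combined log format; the sample lines and the slug `my-secret-login` are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in combined log format (not taken from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Jan/2021:10:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Jan/2021:10:01:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Jan/2021:10:02:10 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "curl/7.68.0"
198.51.100.23 - - [12/Jan/2021:10:03:44 +0000] "POST /wp-login.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
192.0.2.15 - - [12/Jan/2021:10:05:00 +0000] "POST /my-secret-login/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Jan/2021:10:06:00 +0000] "POST /xmlrpc.php HTTP/1.1" 403 199 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def classify(path, renamed_slug):
    """Map a request path to the login surface it touches, or None."""
    path = path.split("?", 1)[0].rstrip("/")
    if path.endswith("/xmlrpc.php"):
        return "xmlrpc"
    if path.endswith("/wp-login.php"):
        return "default-login"
    if path == "/" + renamed_slug.strip("/"):
        return "renamed-login"
    return None

def summarize(log_text, renamed_slug):
    """Count POSTs per (surface, status) and, per client IP, xmlrpc POSTs answered with 200."""
    by_surface, xmlrpc_served = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        surface = classify(m["path"], renamed_slug)
        if surface is None:
            continue
        status = int(m["status"])
        by_surface[(surface, status)] += 1
        # XML-RPC faults (failed logins included) still return HTTP 200; 403 means refused earlier.
        if surface == "xmlrpc" and status == 200:
            xmlrpc_served[m["ip"]] += 1
    return by_surface, xmlrpc_served

if __name__ == "__main__":
    surfaces, served = summarize(SAMPLE_LOG, "my-secret-login")
    print("POSTs by (surface, status):", dict(surfaces))
    print("xmlrpc POSTs answered by WordPress, by IP:", dict(served))
```

    If the failed-login records line up in time with xmlrpc.php POSTs that returned 200, the attempts never touched the renamed login URL.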

    Thread Starter nobleknight

    (@nobleknight)

    Ok; thank you very much for your helpful guidance and advice.

    We were able to solve this problem by deactivating and then reactivating the plugin.

    I was reading another thread and saw a link to this article: https://www.tipsandtricks-hq.com/all-in-one-wp-security-reset-settings-plugin

    It’s a plugin that will clear all the settings on the AIO plugin. I’m currently trying to resolve a slightly different issue and it sounds like the settings are getting stuck in the htaccess file. We’ve had a lot of issues with this.

    Hope that helps.

  • The topic ‘Got login attempts even with renaming login URL’ is closed to new replies.