Hackers getting past apache auth wall to wp-login.php

  • Resolved Mr-B

    (@mr-b-2)


    9 years, 5 months ago

    I am getting Wordfence user locked out warnings, which is great, but I have an apache auth-wall which should be blocking all access to wp-login.php file and /wp-admin/ path.

    It seems unlikely the hackers have the login for the apache auth as it’s a really long scrambled password, and I have tried changing it recently.

    Any ideas how these hackers are able to get past and make WP login attempts?

    Thanks – B.

    https://www.ads-software.com/plugins/wordfence/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WFMattR

    (@wfmattr)

    If they are not getting through to wp-login.php, the attempts are most likely coming through xmlrpc.php — the same method used by the WordPress app, and other features like trackbacks and pingbacks.

    Disabling xml-rpc is possible (there are a number of plugins that do it such as “Disable XML-RPC”) but it may cause other possible problems. If you decide to disable it, you might want to check out this post first:
    Should you disable XML-RPC on WordPress?

    -Matt R

    Thread Starter Mr-B

    (@mr-b-2)

    I didn’t know this! We do use Jetpack, so perhaps we will leave it enabled.
    Thanks very much.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hackers getting past apache auth wall to wp-login.php’ is closed to new replies.

Tags