Login Lockdown not blocking IPs from accessing Login Page

  • Resolved mastaace221

    (@mastaace221)


    9 years, 1 month ago

    Hi there,

    I’ve installed your plugin as it was recommend by my hosting providers in order to stop brute force attacks, which have been taking place across over 20 of our company websites recently.

    I have enabled the ‘Login Lockdown’ feature blocking everyone who attempts to log in with wrong details repeatedly. This works great and I received confirmation emails of IPs being blocked.

    Nevertheless, having tried it myself it seems that locked out IPs are still able to access the login page and continue brute forcing, which has caused several server OOMs in the last couple of days – not great for my clients.

    As this function neither does seem to write anything to the htaccess nor effectively disables locked out IPs access to the login page I’m am wondering if this feature does what it is expected to do.

    Would you be able to explain to me what the Lockout function does in detail, of if I am doing something wrong in the settings?

    Thank you very much in advance for your support!

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi have you enabled one of the Brute Force features like rename login page?

    Thread Starter mastaace221

    (@mastaace221)

    Hi mbrsolution,

    I’ve enabled the Honeypot feature and enabled Pingback protection.

    Also I’ve applied the Login Whitelist feature temporarily on the attacked websites, which isn’t ideal in long term.

    However, this seems to be working for now as there were no records of further brute force attacks on the login page – hurray! Fingers crossed it will stay like this.

    I will keep an eye on it and keep you updated!

    Thank you for your patience and support on this!

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi mastaace221 I am glad to hear things are starting to work for you. Yes please, report back if you get any more attacks. Lets all keep our fingers cross ??

    Kind regards

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Login Lockdown not blocking IPs from accessing Login Page’ is closed to new replies.