[Plugin: WP-Sentinel] Login Bruteforce

  • Hi,

    How does the Bruteforce Login thing work? I usually log in (as admin) with no problem, but today was locked out with a Warning message and received an email about a bruteforce login attempt (my ip address). The message was an Alarm email that mentioned ” Variable ‘login && password’ of the POST method triggered the filter ‘wordpress login bruteforcing'”

    Did I do something differently today that could have caused that message? I have not installed any plugins, and haven’t done anything differently (that I’m aware of) other than the normal logins during the day. I deleted the plugin and re-installed it, then was able to log in, but I’m wondering how I triggered the alarm and if there’s something I need to be aware of, to prevent triggering another alarm.

    https://www.ads-software.com/extend/plugins/wp-sentinel/

Viewing 12 replies - 1 through 12 (of 12 total)

  • me too, not resolved

    Thread Starter Treebeard

    (@malawimama)

    I deleted the plugin and never installed it again. Would be really cool if this was fixed though, I thought that was a very useful plugin. Looking forward to a working version.

    yeah, thanks but i cannot login to my admin area, i try do delete the plugins from my hosting file manager, (hope it works ), and when i log in to my admin, it said too many redirects. what do you suggest ??

    Thread Starter Treebeard

    (@malawimama)

    It’s been a while, but it might have left settings active even after it’s deleted. Check your files and make sure you don’t see anything strange:

    wp-config.php
    .htaccess

    Also check your database, it might have left settings behind in there too – search for ‘sentinel’

    you mean delete the wp-config.php and .htaccess ? i deleted the .htaccess, still cant login. same message with all browser, safari, chrome, firefox, and blackberry

    “Firefox has detected that the server is redirecting the request for this address in a way that will never complete.”

    so the wp sentinel problems and this one doesnt have anything to do with the hosting server security ? what do you think ??

    Thread Starter Treebeard

    (@malawimama)

    OH NO, do not delete those files, they are required. I meant to delete any leftover settings (left by the plugin) just those lines.

    thanks ! no i just deleted the ht.access, and saerch for the remaining keywords, found nothing, and still cant login.

    i cant login to my site for 3 weeks, now dunno what to do. what do you suggest ? ??

    btw nice design you have in the gravity ! ??

    Thread Starter Treebeard

    (@malawimama)

    Thank you very much! ??

    If you want to email me directly, maybe I can help get you back into the admin. I’ll need your hosting control panel and FTP info so I can check out the files and the database.

    (deleted my email from here before it’s posted permanently)

    Hello,

    Sorry !! the username is nancyc, i forgott..

    Thank u very much !

    I have also now removed the plugin after getting this “brute force” lockout for no apparent reason. I can’t afford to put my own access at risk! Equally, co-workers at my place of work caused a block on the work IP address, for no apparent reason either. Error in that case was “data: URL injections, VBS injections and common URI schemes”, with the rule “(?:(?:vbs|vbscript|data):.*[,+])|(?:\w+\s*=\W*(?!h”, but all they were doing was clicking around my blog in a normal fashion.

    Disappointing.

    Hey guys!

    I had the same problem. What I did?

    1) Turn off my modem
    2) Wait 10 seconds
    3) Turno on my internet
    4) Tried to go into Admin and…

    IT WORKS! After that, I went to plugins and deleted WP Sentinel… That’s it!

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘[Plugin: WP-Sentinel] Login Bruteforce’ is closed to new replies.