rename login page not helping

  • Resolved ldigioia

    (@ldigioia)


    10 months ago

    Hello, long-time user (over 5 years) of the plugin on three very similar sites. I have always used the “rename login page” feature and it seems to work well. But lately I have a brute-force attacker that is constantly triggering lockouts. So I went in and once again renamed all my login pages to something very long and cryptic – yet within minutes, there it was again:

    User login lockout events had occurred due to too many failed login attempts or invalid username:
    Username: karl
    IP address: 5.188.62.174
    IP range: 5.188.62.*
    Org: AS34665 Petersburg Internet Network ltd.
    AS: AS34665 Petersburg Internet Network ltd.
    Log into your site WordPress administration panel to see the duration of the lockout or to unlock the user.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @ldigioia

    If you cross check the WP security > Dashboard > Audit logs – It should have “Failed login” events recorded there it will have stacktrace that can be used to check if user try login with wp-login.php or not

    you can send me one of the stack trace ( clicking link it opens popup and shows stack trace) using https://pastebin.com/ if you do not get idea what the stack trace is.

    Generally such failed login attempts are also possible using wp_getUsersBlogs call for xmlrpc.php file.

    So renamed login page is the case can be checked with stack trace of failed login if it is wp_getUsersBlogs please diabled XML RPC.

    XML RPC call of wp_getUsersBlogs is trying to authenticate the user. – WP Security > Firewall > Basic firewall rules tab > Completely block access to XMLRPC, Disable pingback functionality from XMLRPC Please check both and Save.”

    Regards

    Thread Starter ldigioia

    (@ldigioia)

    I did the stack trace but cannot see what to do with pastebin.com – how do I send it to you?

    Thread Starter ldigioia

    (@ldigioia)

    I have gone ahead and blocked access to XMLRPC. I will report back on results.

    Thread Starter ldigioia

    (@ldigioia)

    This appears to be working, thank you!

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @ldigioia,

    Glad to know it seems to be working, if still any issue let us know.

    Regards

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘rename login page not helping’ is closed to new replies.