renamed login page is still found
-
Thank you for a great plugin, I have been using AIOWPS for years, and it mostly works great. My issue now, actually the past 6 months or so, is that someone/something keeps finding the login page on only one of my three sites. All on the same host (Hostgator,) all have the plugin, all are configured similar. All are kept religiously up to date on WP and plugins.
For the “problem” site, I get the lockout notifications roughly every 6 hours. (Lockout time is only 1 hour.) It is almost certainly a bot. I can trace the IP to the usual nasty parts of the world.. I can see the guess attempts in the notification, and they are not even close to my actual admin name. Yet. I have repeatedly renamed the page, last time to a super-long one – I have never used “admin” as the admin account name, but just in case I recently moved it to a new account, also with a super-long name. No difference. I also have a login captcha on it.
My question is simply, how does this hidden login URL keep getting found? It seems to take maybe a week or two after renaming it before it is found again. This is driving me nuts.
https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/
- The topic ‘renamed login page is still found’ is closed to new replies.
