• Resolved clementmartineau

    (@clementmartineau)


    Hi there, on one of my websites, since I updated everything (WordPress, theme and all plugins), I have multiple login attempts on my renamed login page, and moreover with MY admin username (which is not “admin”). So I changed the login page to a new name, and a few minutes later, new login attempts… How is that possible, how can they find the new login page in minutes? There has to be a security breach somewhere, right?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @clementmartineau

    Can you please cross-check the stack trace from WP Security > Dashboard > Audit log for the failed login? It will have a file stack trace showing how the user tried to log in.

    If possible, you can also share it with me using the https://pastebin.com/ burn-after-read option.

    A failed login attempt is possible due to an XML-RPC call of wp_getUsersBlogs trying to authenticate the user.

    WP Security > Firewall > PHP rules tab > Completely block access to XMLRPC, Disable pingback functionality from XMLRPC. Please check both to enable them and save.

    Regards

    Thread Starter clementmartineau

    (@clementmartineau)

    Here is the trace from one of the failed login attempts that was not me: https://pastebin.com/9NJs4R4H
    The IP address comes from Russia, maybe from a VPN.
    I saw some other users facing brute-force attacks as soon as they use or change their renamed login page. How is this possible? Does your plugin have a security breach?

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    @clementmartineau,

    It seems that the pastebin content expired. Can you please resend it?

    https://snipboard.io/I6QRwe.jpg

    Does the end of the stack trace have the xmlrpc.php call?

    If possible, share your site URL as well, to see whether any login/logout link in the theme is (hopefully not) exposing the renamed login page through a frontend page.

    Regards
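
An added example, not part of the thread or the plugin's code: one way to check from the web server's access log which entry point the login attempts actually arrive at, `xmlrpc.php` (as the support reply suggests) or the renamed login page. It assumes the combined log format; the sample lines, IP addresses and the slug `my-secret-login` are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in combined log format (documentation-range IPs).
# "/my-secret-login" is a hypothetical renamed login slug.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:01:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Mar/2024:10:02:10 +0000] "POST /my-secret-login/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Mar/2024:10:02:40 +0000] "GET /wp-login.php HTTP/1.1" 404 1200 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Mar/2024:10:03:00 +0000] "POST /wp-login.php?action=x HTTP/1.1" 404 1200 "-" "curl/8.0"
192.0.2.44 - - [12/Mar/2024:10:03:05 +0000] "GET /blog/hello HTTP/1.1" 200 9000 "-" "curl/8.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3}'
)

def classify(path, renamed_slug):
    """Map a request path to a login entry point, or None if unrelated."""
    p = path.split("?", 1)[0].rstrip("/").lower()
    if p.endswith("/xmlrpc.php"):
        return "xmlrpc"
    if p.endswith("/wp-login.php"):
        return "default-login"
    if p.endswith("/" + renamed_slug.strip("/").lower()):
        return "renamed-login"
    return None

def login_entry_points(log_text, renamed_slug):
    """Count POSTs per (entry point, client IP). Access logs carry no request
    body, so an xmlrpc.php POST is a candidate credential check, not proof."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        kind = classify(m["path"], renamed_slug)
        if kind:
            counts[(kind, m["ip"])] += 1
    return counts

if __name__ == "__main__":
    for (kind, ip), n in login_entry_points(SAMPLE_LOG, "my-secret-login").most_common():
        print(f"{kind:14} {ip:15} {n}")
```

If the failed logins in the audit log line up in time with `xmlrpc` rows rather than `renamed-login` rows, the attempts never touched the renamed page, and blocking XML-RPC is the relevant control.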

  • The topic ‘Repeated login attempts on renamed login page’ is closed to new replies.