• Resolved pierregielen

    (@pierregielen)


    Some time ago I changed the login page URL of our website to something not so easy to guess. Since then, the number of brute force attacks, trying to guess the user name and password, has dropped dramatically. I can see that in the number of failed login attempts and automatic site lockouts. But since we installed the updated version of AIOWP, the number has risen again. Someone is trying to get in using an admin account. They will need more than a working username and password for that, of course, but the number of attacks is annoying me. Can you confirm that the renamed login page URL is not working anymore?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @pierregielen

    The renamed login page works fine. You should make sure that xml rpc is enabled. The recent release might have disabled it, as we are moving to the PHP-based firewall and do not want to unnecessarily stop other plugins or other functionality from working.

    WP Security > Firewall > Basic firewall rules tab > Completely block access to XMLRPC, Disable pingback functionality from XMLRPC

    In addition, we have worked on improving the prevention of user enumeration. You can download the zip below, add it via Add New Plugin, and replace the existing AIOS plugin with it. It is going to be in the next release.

    https://gofile.io/d/RYysyN

    Regards

    Thread Starter pierregielen

    (@pierregielen)

    Thanks for your answer,

    Indeed, xmlrpc has been disabled by the latest update. It’s not a very good idea to let an update of a security plugin open the gates to hackers. However, I have enabled it again manually. Let’s see if the attacks will stop now in the coming hours.

    I will take a look at the improved user enumeration plugin as well.

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @pierregielen

    OK, keep me posted if it is still an issue.

    Regards

    I had the same problem and after much invested time I read this. Looks like this solution works.

    It would certainly be a great relief for many to show a notice in the WP dashboard that users are using this solution.

    Please do it – thanks.

  • The topic ‘Under attack after update’ is closed to new replies.
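
An added example, not part of the original thread or the plugin's own code: a small Python triage script that counts login-related POST requests per endpoint in a web access log, so you can check whether login attempts are arriving through xmlrpc.php rather than the renamed login page. The combined log format, the sample lines and the slug `staff-door` are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in Apache/nginx "combined" format (documentation IPs).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2023:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2023:10:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2023:10:00:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2023:10:00:04 +0000] "POST /xmlrpc.php HTTP/1.1" 403 199 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Mar/2023:10:01:10 +0000] "POST /wp-login.php HTTP/1.1" 404 512 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Mar/2023:10:01:12 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Mar/2023:10:02:00 +0000] "POST /staff-door HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def classify(path, renamed_slug):
    """Map a request path to a login-related endpoint name, or None."""
    p = path.split("?", 1)[0].rstrip("/").lower()
    if p.endswith("/xmlrpc.php"):
        return "xmlrpc"
    if p.endswith("/wp-login.php"):
        return "wp-login"
    if p == "/" + renamed_slug.strip("/").lower():
        return "renamed-login"
    return None

def summarize(log_text, renamed_slug):
    """Count POSTs per (endpoint, status) and per (client IP, endpoint)."""
    per_endpoint, per_ip = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # unparseable line, or not a credential-carrying request
        endpoint = classify(m["path"], renamed_slug)
        if endpoint:
            per_endpoint[(endpoint, m["status"])] += 1
            per_ip[(m["ip"], endpoint)] += 1
    return per_endpoint, per_ip

if __name__ == "__main__":
    endpoints, sources = summarize(SAMPLE_LOG, "staff-door")  # hypothetical slug
    for key, count in endpoints.most_common():
        print(key, count)
    for key, count in sources.most_common(5):
        print(key, count)
```

A high count for `xmlrpc` next to a near-empty `renamed-login` row means the attempts are bypassing the renamed page, which is the situation the firewall settings named in the thread address.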