User locked out from signing in

  • Resolved stevecli

    (@stevecli)


    9 years, 1 month ago

    Hi,

    I recently downloaded the Wordfence free version and I keep getting the follow email alerts:

    “This email was sent from your website …..
    A user with IP address xxx.xxx.xxx.xx has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: ‘admin’ …”

    Strangely, the IP address in the email alert is the IP address of my website, and I dont use an “”admin” username.

    Any thoughts on how this is happening?

    Thanks,
    Steve

    https://www.ads-software.com/plugins/wordfence/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author WFMattR

    (@wfmattr)

    Steve,

    It sounds like your site is using a “reverse proxy”, which can have some benefits, but Wordfence cannot see the visitors’ actual IP addresses. You will need to set the option “How does Wordfence get IPs” on the Wordfence Options page. Depending on what software you are using, you will probably need to choose the X-Real-IP or X-Forwarded-For option. More details on the options are here:
    How does Wordfence get IPs

    After setting that option, you can verify that it is working by looking at the Live Traffic page, and visiting the site in a separate browser where you are not logged in, and verify that your own IP appears in your own visits. (If Live Traffic is disabled on the site, try logging in using a second browser, since logins and logouts are still recorded.)

    The attempts using the “admin” username are typical — a lot of hack attempts try to guess which usernames would exist, and “admin” is the default on a lot of sites (until recently). Generally, it’s an automated attempt,

    Let me know if you have any trouble with the settings.

    -Matt R

    Thread Starter stevecli

    (@stevecli)

    Matt,

    Thanks for the quick and detailed reply!

    Selecting the “X-Forwarded-For” option provides accurate IP addresses, so I don’t get locked out on these hack attempts. Thanks, again!

    Best,
    Steve

    Plugin Author WFMattR

    (@wfmattr)

    Great, glad we could help!

    -Matt R

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘User locked out from signing in’ is closed to new replies.