Usernames blank in spam login attempts

  • One of the sites I am working on just got picked up by the google indexers and a flood of spam login attempts are pouring in. In the email alerts it would say /The last username they tried to sign in with was: ”/ (blank username). Also, on the list of blocked IPs, the user name is also listed blank. However, if I turn on live traffic and watch the requests roll in, I see all the user names they are using.

    Also, every log entry says “locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 5” even though I turned on the option to automatically lockout accounts using specific user names (and I specified “admin,test” which is what they are all using and it appears to be working.

    https://www.ads-software.com/plugins/wordfence/

Viewing 1 replies (of 1 total)
  • esepulveda

    (@esepulveda)

    I have the same issue. Specific usernames blocked, some IP addresses blocked but still getting attempts to log in using blank username.
    One time I got more than 1,500 attemps within several hours.

    Very annoying not to be able to directly block these attackers.

Viewing 1 replies (of 1 total)
  • The topic ‘Usernames blank in spam login attempts’ is closed to new replies.