Users are still trying to login after change wp-admin

  • Resolved Nirmal Singh

    (@nirmalsingh311)


    3 years, 10 months ago

    I am still getting alerts from Wordfence. Users still trying to login to wp-admin even after changing the wp-admin to a new one custom login.
    What is the solution for this?

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)

  • Those are most likely spam bots trying to access wp-admin — which presumably is the reason you’ve changed the login URL in the first place? It seems the plugin is working as it should.

    Thread Starter Nirmal Singh

    (@nirmalsingh311)

    @jamieschmid Seems, bots are still trying to access wp-admin even after changing the wp-admin to another custom link.

    Are they going directly to the new url as well?

    Please note, changing the URL doesn’t necessarily afford you better security. But this has happened to me before with xml-rpc, a big botnet attack can cripple your server. If you’re only getting a few notifications, that’s not a big deal. I think you can turn those notifications off if you’re sick of getting them.

    HOWEVER, if it’s really bad and is affecting your server, get Cloudflare as it’s more powerful than Wordfence for brute force attacks.

    There is a nuclear option too – you can block all IP access to the URL and whitelist only your IP (as long as it is static). I believe the free version of Wordfence lets you do this but check to confirm.

    • This reply was modified 3 years, 10 months ago by jamieschmid. Reason: didn't notice he already had WF
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Users are still trying to login after change wp-admin’ is closed to new replies.

Tags