101010101010
Forum Replies Created
Forum: Plugins
In reply to: [Download Manager] Add file from server?
I also find this a security concern. As I have previously mentioned, it's an accident waiting to happen; just look at what happened to iThemes recently.
Go into iThemes Security's settings and locate the option at the very bottom of the settings page for disabling xmlrpc and disable it. This will stop the bot from trying to log in; otherwise it will continue to keep going.
It's a brute force exploit in WordPress.
They could be using xmlrpc.php.
Open iThemes Security, visit the settings page, then locate XMLRPC, then disable it.
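A way to check the access log for what these replies describe, login attempts posted straight to `xmlrpc.php` or `wp-login.php`. This is an added example, not part of the original posts; it assumes a web server log in the common "combined" format, and the log lines, IP addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: count POSTs to the WordPress auth endpoints per client IP.

# Constructed sample log in "combined" format, using documentation IP ranges.
write_sample_log() {
    cat > "$1" <<'EOF'
203.0.113.7 - - [10/Sep/2014:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [10/Sep/2014:10:01:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [10/Sep/2014:10:02:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
203.0.113.7 - - [10/Sep/2014:10:03:01 +0000] "POST /wp-login.php?action=login HTTP/1.1" 200 2810 "-" "-"
198.51.100.20 - - [10/Sep/2014:10:03:30 +0000] "GET /wp-login.php HTTP/1.1" 200 2400 "-" "-"
198.51.100.20 - - [10/Sep/2014:10:03:40 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
198.51.100.20 - - [10/Sep/2014:10:04:00 +0000] "GET /wp-admin/ HTTP/1.1" 200 9000 "-" "-"
EOF
}

# Print "count ip path" for every POST to wp-login.php or xmlrpc.php,
# busiest first. GET requests (a person loading the form) are ignored.
auth_posts_per_ip() {
    awk '$6 == "\"POST" {
             path = $7
             sub(/\?.*/, "", path)          # drop any query string
             if (path == "/wp-login.php" || path == "/xmlrpc.php")
                 n[$1 " " path]++
         }
         END { for (k in n) print n[k], k }' "$1" | sort -k1,1nr -k2
}

# Print each IP with at least $2 POSTs to a single auth endpoint.
flag_ips() {
    auth_posts_per_ip "$1" | awk -v t="$2" '$1 >= t { print $2 }' | sort -u
}

# Demo run on the constructed sample.
log=$(mktemp)
write_sample_log "$log"
auth_posts_per_ip "$log"
echo "flagged at >= 3 POSTs: $(flag_ips "$log" 3)"
rm -f "$log"
```

A renamed login URL does not change these counts, because both endpoints are requested by their real file names.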
Forum: Plugins
In reply to: [Download Manager] Why does this plugin change Chmod 0777 of uploads directory
Please forgive the quad post; it had an error when I clicked the post button, now there are 4 posts.
Forum: Plugins
In reply to: [Download Manager] Why does this plugin change Chmod 0777 of uploads directory
So again, why does the public need write permissions? They can update and execute code on your site, or gain full access to your WordPress back-end.
So why does the public need read, write, execute permissions, and why does Download Manager need to set this to the entire uploads folder?
Forum: Plugins
In reply to: [Download Manager] Why does this plugin change Chmod 0777 of uploads directory
So again, why does the public need write permissions? They can update and execute code on your site, or gain full access to your WordPress backend.
So why does the public need read, write, execute permissions, and why does Download Manager need to set this to the entire uploads folder?
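An audit for the condition raised in this thread, an uploads tree left writable by every local user. This is an added example, not code from the plugin or from the original posts; the function names and demo paths are constructed. The reset to 755 for directories and 644 for files is the commonly recommended WordPress baseline and assumes the web server user owns the tree.

```shell
#!/bin/sh
# Added example: find and reset world-writable entries under an uploads tree.

# List every directory or file under $1 whose "other" write bit is set.
list_world_writable() {
    find "$1" \( -type d -o -type f \) -perm -002 -print
}

# Number of world-writable entries under $1.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Reset to the assumed baseline: directories 755, files 644.
# The owner keeps write access, so uploads by the owning user still work.
harden_uploads() {
    find "$1" -type d -exec chmod 755 {} +
    find "$1" -type f -exec chmod 644 {} +
}

# Demo on a constructed tree that mimics a 0777 uploads folder.
demo=$(mktemp -d)
mkdir -p "$demo/uploads/2014/09"
: > "$demo/uploads/2014/09/file.zip"
chmod 777 "$demo/uploads" "$demo/uploads/2014" "$demo/uploads/2014/09"
chmod 666 "$demo/uploads/2014/09/file.zip"

echo "world-writable before: $(count_world_writable "$demo/uploads")"
list_world_writable "$demo/uploads"
harden_uploads "$demo/uploads"
echo "world-writable after:  $(count_world_writable "$demo/uploads")"
rm -rf "$demo"
```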
Ok, now I'm kinda puzzled.
I enabled away mode because the bot was making attempts every 60 seconds, trying brute force with the user name admin.
Now I tried the admin URL and it does not show, so why am I still receiving site lockout notifications from failed logins with admin as the user name? Is away mode working in WordPress 4.0?
Why is this bot able to bypass the custom login slug?
Any help here would be nice.
I am rather surprised I haven't gotten a response, because all the times I have had issues with BackupBuddy you guys were straight on it. I'm glad to have bought that plugin, but with iThemes Security at this stage I am not going to buy Pro, especially if the free version is not working or getting support, with next to no documentation for troubleshooting these types of issues.
Please help. Many thanks in advance.
Hi iThemes Security Team
The time between attempts has become more frequent:
https://prntscr.com/4kihti
Changing the admin login slug has no effect; it appears they may have found a way around the custom login slug and are targeting wp-login.php directly.
The worst part is the IPs the bot's using are probably from people's computers that are compromised and infected, so the site most likely is banning regular people.
Still having the 403 (forbidden) error on our software updater. Disabling and re-enabling iThemes Security now has no effect. However, with iThemes Security disabled our software updater works fine. We have tried everything short of deleting the iThemes Security entries from our database (will as a last resort).
Do I have to buy Pro to get support for this plugin? Or do you provide free support for the free version?
@*B.V.Ramanarao*
1) Yes, all our computers and network are safe and clean, scanned multiple times per day and always up to date, so this is not the issue.
2) Yes, tried password protecting the admin as recommended by the hosting company. However, I showed them the user authentication can be bypassed due to the mechanic in place. Not going into details here.
3) Done and dusted; the only way you can get the URL is if you know it, and many settings to change and hide the admin user from being found out. Even the post user from search results is removed.
4) Done.
The 404 error detection does not seem to be working. I created a test app to test it out myself; it can try many URL combinations until it finds it. However, it's only set to try URL combinations and check for 404s, without any resistance from iThemes Security 404 detection.
So like I said, many thanks in advance for the above issues to be solved. Thank you.
Hi
1) Connect via FTP, then open wp-config.php
2) Change “FORCE_SSL_LOGIN” to “FORCE_SSL_ADMIN”
3) Save.
This solved it for me.
Change notes for this setting can be found at codex.www.ads-software.com/Version_4.0#External_Libraries, just above External_Libraries in the Deprecated section.
Forum: Plugins
In reply to: [Download Manager] add files from server – what's the risk?
I also have a concern about the possible security implications if an attacker was to exploit your plugin to gain access to the root through your advanced server file browser.
This could possibly put all sites using the plugin at risk.
Is there any way to remove or completely disable the feature?