JLewinski

Thanks, everyone! I think I’m beginning to get my “feeble” mind wrapped around this.

Let the eye of vigilance never be closed.

– Thomas Jefferson

@hjogiupdraftplus Well said. I will definitly keep your words in mind moving forward.

Hi hjogiupdraftplus, thanks for looking and replying!

If stop user enumeration not on It might be the reason your admin username exposed – WP Security > Miscellaneous > User enumeration tab check there.

Yeah, I had missed that one but it is fixed (ON) now.

In extra of that you should cross-check stack trace for the audit log of “Failed login” is not XML RPC all wp_getUsersBlogs.

XML RPC call of wp_getUsersBlogs is trying to authenticate the user. – WP Security > Firewall > Basic firewall rules tab > Completely block access to XMLRPC , Disable pingback functionality from XMLRPC Please check both and Save.”

I searched the log and couldn’t find any reference to “XML RPC -wp_getUsersBlogs.’ That’s good, right?

Should I go ahead and turn ON the option(s) to completely BLOCK all access to XMLRPC and pingback functionality anyway? Better safe than sorry?

My first personal computing experience was in 1981 with a C=64 (MS-DOS). Ah, mammories =;^)

To be honest, I’ve never really concerned myself with the date/time field. But now that you bring it up, looks like I’ve got a new semi-obsession. It appears to be it’s some sort weird product of a calculation.

Are you referring to this: https://app.screencast.com/isQQGdMWW9Q5o

Yes, that is the exact screen I was describing.

The list reflects those IP addresses that met the criteria you set in the User Security > Login Lockout screen (of AIOS). If a login attempt meets the criteria, it is blocked and added to the list.

I need to look into those settings to see where/what I can do to optimize/utilize this.

One cannot stop/prevent logon attempts as long as the website is online/operational, because one cannot control the behavior of others on the Internet. One may only configure the website to react to the attempt (via AIOS or equivalent software). This means that the Permanent Block List will typically have lots of entries.

Does this make sense?

Yes, THAT makes PERFECT sense! I’m current using the Audit Log to download a CSV file, then copy/paste the IPs to the Ban user list in the Blacklist manager. What a PITA!

THANK YOU for taking the time to respond in such a human way that even an old fart like me can understand!

• This reply was modified 1 year, 3 months ago by JLewinski.

Oops! My bad! That’s what I get for being in a hurry. You’re right, it’s an error from “Elementor Pro”. My appologies.

Hope I’m not hijacking, but I have the same issue. I created a staging site ( https://staging.towerlakesflorida.com ), through my hosting service (Hostinger) and am receiving the same message:

License MismatchYour license key doesn’t match your current domain. This is most likely due to a change in the domain URL. Please deactivate the license and then reactivate it again.

Could you please advise?

Respectfully,

Joseph Lewinski