ronh99

Here is some additional information. The username that is failing authentication is my author slug name. This would at least explain why the failed attempts are using that username. I’ve configured WP security to immediately lockout any attempts with that username. I’ve also enabled the login page slug and it seems to be working fine with my hosting providers SSO. I don’t think I can use Captcha as that might break the SSO. I’ll wait and see if this stops the failed login attempts. Thanks for your help. This is really encouraging me to use your premium service. Thanks!

I am the only person who accesses the web site. Also, I don’t log into WordPress. I access it through my hosting platform. I’m not sure I can change the login URL without affecting that integration. Why do you think I should enable Captcha? Do you think a bot could be attempting the logins?

I also wanted to mention that I set up a blog page through Tumblr. I don’t know if that has anything to do with this issue but thought I’d mention it.

I posted one of the attempts. https://pastebin.com/ndysajN2. I’m new to pastebin so I hope I did it right. I’m getting a lot of these attempts. 14 since the 10th.

When I block XMLRPC, I get the below warning. I’m not using Jetpack but I use many other plugins and I’m using WP on a MAC. Is this going to break anything?

Attention: You have enabled the “Completely Block Access To XMLRPC” checkbox which means all XMLRPC functionality will be blocked.

By leaving this feature enabled you will prevent Jetpack or WordPress iOS or other apps which need XMLRPC from working correctly on your site.

If you still need XMLRPC then uncheck the “Completely Block Access To XMLRPC” checkbox and enable only the “Disable Pingback Functionality From XMLRPC” checkbox.

• This reply was modified 3 months, 3 weeks ago by ronh99.