I suspect a user is getting around lockout somehow. possible security hole.

  • Resolved Julian Fox (greataussiepie)

    (@greataussiepie)


    10 years, 1 month ago

    A person attempting to login to my website using the same username and the same ip address has been locked out for 168 hours, which is what i set it to.

    however despite being locked out, this particular user is still attempting to login using the same IP address and the same username.

    is there some way to get around the login lockout?

    can anyone give me some tips on how i might find out how this even happened?

    https://wordpress.org/plugins/limit-login-attempts/

Viewing 3 replies - 1 through 3 (of 3 total)
  • rick111

    (@rick111)

    10 years, 1 month ago

    You cannot stop him from attempting to log in of the log in page is still there. What is happening is that his IP is blocked and he cannot log in even if he get the password right.

    Thread Starter Julian Fox (greataussiepie)

    (@greataussiepie)

    10 years, 1 month ago

    oh ok, i forgot about that, i do remember reading that in the documentation now.

    Thanks for that. this plugin is pretty good, but seeing the other people talk about a possible security threat scared me a little.

    im gonna use WP better security for now, ill keep checkin in on login attempts because its handy little plugin

    Thanks

    richsadams

    (@richsadams)

    10 years, 1 month ago

    I would go ahead and block the IP address permanently. That will stop them from being able to access your site, your site’s admin page, etc. If they’re human and bound and determined they could employ a proxy server to try again with a different IP, but most will give up. It sounds like it’s probably a bot and if that’s the case it may continue to try. Blocking the IP will stop that.

    If you’re familiar with your hosting control (probably cPanel) you will find an IP Deny Manager under the security settings. You can enter the IP address there and it will automatically update your .htaccess file.

    Hope that helps!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘I suspect a user is getting around lockout somehow. possible security hole.’ is closed to new replies.