WordPress.org

Ready to get started?Download WordPress

Forums

All In One WP Security & Firewall
[resolved] Failed Login Attempts from my IP? (7 posts)

  1. chrisgagner
    Member
    Posted 6 months ago #

    I had been getting locked out of my wp-admin due to mod_security being tripped, so I downloaded this plugin to hopefully help. It shows that while I'm logged in, there is a failed attempt to login to the username "admin" every 3 minutes. Funny thing is that I don't use the username "admin" and the failed attempt is coming from my own IP address. Any idea what might be causing this? I have disabled all plugins except this one, and I have changed tried one of WordPress's default themes in case a script was being called in it. However, I'm still having this issue of logins to the admin username (that i don't have) occuring from my IP every 3 minutes.

    http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

  2. wpsolutions
    Member
    Plugin Author

    Posted 6 months ago #

    It shows that while I'm logged in, there is a failed attempt to login to the username "admin" every 3 minutes

    Where are you getting the "failed attempt" information from? Is it one of the menu pages from this plugin or some other plugin?

    Also are you sure that the failed login attempt log you are referring to specifies an exact IP address or does it show an IP range?

  3. chrisgagner
    Member
    Posted 6 months ago #

    It's under wp security - user login - failed login reports. The report lists my ip address, user id 0, username admin and the date when it failed. It happens about every 3 minutes. When i enabled the lockout for failed logins, i was locked out from my own ip pretty quick. Any ideas what might be causing this?

  4. wpsolutions
    Member
    Plugin Author

    Posted 6 months ago #

    Do you have a plugin which uses XML-RPC to allow external entities to login to your site?

  5. chrisgagner
    Member
    Posted 6 months ago #

    I figured out my problem. It wasn't displaying MY ip, but rather my server's IP for ALL activity.

    That's why I was a little confused. The plugin was detecting my server's IP address, and locking out the server's ip. Quite a little issue.

    This was due to the server being setup to some sort of reverse-proxy. The same thing can happen to some people when they use cloudflare with their site.

    I was able to correct it by adding the following code to my wp-config file:

    $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"] ? $_SERVER["HTTP_CF_CONNECTING_IP"] : $_SERVER["REMOTE_ADDR"];

    Sorry for the confusion, but i was able to get it worked out. Thanks for the help.

  6. chrisgagner
    Member
    Posted 6 months ago #

  7. wpsolutions
    Member
    Plugin Author

    Posted 6 months ago #

    Ok thanks for the update Chris.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.