My site is under constant attack

  • Prolet

    (@prolet)


    9 years, 9 months ago

    According to Wordfence from two days ago the whole world makes attempts to log into my website with false usernames.
    This is very sudden.
    My email box is full with warnings, but when I log in I can’t see the same info in logins-logouts.
    Kindly advise, please!

    https://wordpress.org/plugins/wordfence/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Scott Dayman

    (@sdayman)

    9 years, 9 months ago

    Do they show up in the Blocked IPs section? They’d usually show up in the “IPs Locked Out from Login.” If they’re repeat offenders, you may have to scroll down and look for their Last Login Attempt timestamp.

    Thread Starter Prolet

    (@prolet)

    9 years, 9 months ago

    Hi sdayman and thank you for taking time to answer to me 🙂
    No, they don’t show in “IPs Locked Out from Login.”
    I have block manually permanently most of them.

    Thread Starter Prolet

    (@prolet)

    9 years, 9 months ago

    Now they are using the login/?loggedout=true
    I am not sure what they want! My website is new, no people, no traffic.

    Scott Dayman

    (@sdayman)

    9 years, 9 months ago

    New sites are just as much of a target as old sites. Attackers somehow find them all.

    In the Wordfence Options page, have you enabled “Immediately lock out invalid usernames”? I have that set *and* just above that set the lockout to 60 days. I don’t remember the default, but it’s pretty low.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘My site is under constant attack’ is closed to new replies.