Support » Plugin: Wordfence Security - Firewall, Malware Scan, and Login Security » Permanently Block IP Address of Invalid Users

  • Hi, everyone. I’m wondering if I can permanently block the IP address of someone who tries to log in using an invalid username or who attempts to do an invalid recover password attempt.

    Here are my settings:
    Enforce strong passwords for admin and publishers
    Lock out after five login failures
    Lock out after five invalid password recovery attempts
    Count failures over five minutes
    Lock out for one day
    Do not immediately lock out invalid username
    Don’t let WordPress reveal valid users in login errors
    Prevent user from registering admin if it doesn’t exist.

    I see that I can extend the lock out period to 60 days. Can I make it permanent based on IP address?

    https://wordpress.org/plugins/wordfence/

Viewing 6 replies - 1 through 6 (of 6 total)
  • I’m asking the same question. You can manually add their IP address (if it stays consistent) to the blocked IP list. In the Login/Logout monitoring section of Wordfence you can click “block” to temporarily block the IP, then switch over to the blocked IP list and click to permanently ban that IP.

    I’m wanting this to happen automatically if the same IP gets a certain # of failed logins. I’m getting hundreds of block login emails a day.

    From my experience, blocking such IPs can be solving the wrong problem. Some hackers can generate new fake IPs every few seconds. I found the easiest solution was to install a plugin that hid the login screen and to set Wordfence to block all invalid logins. That totally eliminated login attempts on my sites, 100%. The Wordfence setting was precautionary, but in over a year not one hacker has gotten that far.

    Thread Starter bagheeragato (@bagheeragato)

    If the login screen is hidden, then how do people post comments to blog posts?

    I think what David said about hiding the login screen is essentially putting the login page at a different URL. Most hackers target specific default URIs, unless their script is advanced enough to sniff for redirects, but in most cases they don’t do that. If you are using Live Traffic, or at least can see the IP of the login attempt in your logs, copy the IP and go to Wordfence -> Blocked IPs. Somewhere at the top of the screen there is an input box right beside the button labeled Manually Block IP. You can paste the IP there.

    Thread Starter bagheeragato (@bagheeragato)

    David, what you’re saying is that I hide the default login page, but I allow people to log in to post comments on the comments page? Of course, that creates another problem with spam comments and fake accounts, but at least those I can easily block with Akismet!

    Exactly. Wordfence can block any invalid login attempt, but hiding the admin login page prevents those people from even finding the admin login URL. Lockdown-wp-admin is one such plugin. That stops hackers from trying to take over the site.

  • The topic ‘Permanently Block IP Address of Invalid Users’ is closed to new replies.
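
The automatic escalation asked about in the thread (the same IP collecting repeated failed logins), as an added example that is not from the thread or from Wordfence: it replays the original poster's settings (five failures counted over five minutes, one-day lockout) over a constructed log and lists the IPs that earn repeated lockouts. The log format, the sample addresses and the `LOCKOUTS_BEFORE_PERMANENT` threshold are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds taken from the settings listed in the original post.
MAX_FAILURES = 5
WINDOW = timedelta(minutes=5)
LOCKOUT = timedelta(days=1)
# Assumption (not a Wordfence option): escalate after this many lockouts.
LOCKOUTS_BEFORE_PERMANENT = 2

def _burst(ip, start, n, step_s):
    """Build n constructed 'login_failed' lines, step_s seconds apart."""
    t0 = datetime.fromisoformat(start)
    return [f"{(t0 + timedelta(seconds=i * step_s)).isoformat()} {ip} login_failed"
            for i in range(n)]

# Constructed sample log; assumed format: "<ISO timestamp> <ip> <event>".
SAMPLE_LOG = sorted(
    _burst("203.0.113.7", "2024-03-01T10:00:00", 6, 20)     # 5 within 5 min
    + _burst("203.0.113.7", "2024-03-02T11:00:00", 5, 20)   # back after lockout
    + _burst("198.51.100.9", "2024-03-01T09:00:00", 5, 120) # too slow to trip
    + ["2024-03-01T09:30:00 192.0.2.44 login_ok", "garbled line"]
)

def count_lockouts(lines):
    """Replay the lockout policy; return {ip: [lockout start times]}."""
    recent = defaultdict(deque)   # ip -> failure times inside the window
    locked_until = {}             # ip -> end of the current lockout
    lockouts = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or parts[2] != "login_failed":
            continue              # skip successes and malformed lines
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        ip = parts[1]
        if ip in locked_until and ts < locked_until[ip]:
            continue              # already locked out: attempt is rejected
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > WINDOW:
            window.popleft()      # drop failures older than five minutes
        if len(window) >= MAX_FAILURES:
            lockouts[ip].append(ts)
            locked_until[ip] = ts + LOCKOUT
            window.clear()
    return dict(lockouts)

def permanent_block_candidates(lockouts):
    """IPs locked out repeatedly: candidates for the permanent block list."""
    return sorted(ip for ip, times in lockouts.items()
                  if len(times) >= LOCKOUTS_BEFORE_PERMANENT)
```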