WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] [Plugin: Limit Login Attempts] Does not work! (5 posts)

  1. Metahuman
    Member
    Posted 3 years ago #

    Hey guys,

    I have the latest version of Limit Login Attempts plugin installed and it does not seem to work! Here is a small part of my log -
    614 2010-08-19 20:20:11 WARNING /xxx/xx.xxx 0 195.191.54.176 Login Failed: Unknown User "xxx"
    613 2010-08-19 20:20:09 WARNING /xxx/xx.xxx 0 195.191.54.176 Login Failed: Unknown User "xxx"
    612 2010-08-19 20:20:07 WARNING /xxx/xx.xxx 0 195.191.54.176 Login Failed: Unknown User "xxx"
    611 2010-08-19 20:20:05 WARNING /xxx/xx.xxx 0 195.191.54.176 Login Failed: Unknown User "xxx"
    610 2010-08-19 20:20:04 WARNING /xxx/xx.xxx 0 195.191.54.176 Login Failed: Unknown User "xxx"
    609 2010-08-19 20:20:01 WARNING /xxx/xx.xxx 0 195.191.54.176 Login Failed: Unknown User "xxx"

    Please check and confirm.

  2. johanee
    Member
    Posted 3 years ago #

    This is from your webserver/system log?

    WordPress doesn't log failed login attempts. This plugin does not use the webserver log. So these messages are probably from the webserver.

    I'm guessing you are password-protecting part of your site (perhaps the admin directory) using .htaccess or similar. That would explain things: someone is trying to brute-force the .htaccess protection.

    The .htaccess test is made by the webserver before any PHP code is executed. There is nothing any WP plugin can do about it.

    Either that or you are using some other WP plugin that hooks into wp_login_failed. If so please send me a link so I can check it out!

  3. Metahuman
    Member
    Posted 3 years ago #

    I have a "event log plugin" that logs login attempts, user logins,etc. That is how I am being told about these attempts.
    The plugin also lets me know that wp-login.php was the script called while these many times. Also, I have edited a few details about the log such as the user ID in question and the physical path to my wp-login.php

  4. johanee
    Member
    Posted 3 years ago #

    Ok, sorry about that misunderstanding! :)

    On the Limit Login Attempts plugin options page, does the IP in question get logged, and show up as blocked (turn on plugin IP log if necessary)?

    If yes
    Then there shouldn't be any problem: the IP will fail to login regardless of username/passwords tried.

    However. Reason for failure get filtered at a later stage. No information should leak to attacker, but the original WP error object (including original failure message) is passed along to any other plugin that uses the relevant hooks, wp_login_failed get triggered, and so on.

    If no
    Then please mail me at johan.eenfeldt@kostdoktorn.se and I'll try to debug it further: please tell me about what plugins you have active -- especially if they use the authentication hooks (authenticate, wp_authenticate, wp_authenticate_user, ...) or replace those pluggable functions. Could you send along a link or copy of your event logging so I can make sure exactly what gets checked?

  5. Metahuman
    Member
    Posted 3 years ago #

    Oh! Crap! Sorry for replying late.. and overlooking at the plugin page. It does indeed get locked out - 195.191.54.176 xxxx (1 lockout)

Topic Closed

This topic has been closed to new replies.

About this Topic