WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
Received 44 "user locked out" messages last night (2 posts)

  1. aboutpetrats
    Member
    Posted 4 months ago #

    I have had 44 Wordfence alert emails since yesterday saying that various users have been locked out from signing in or using password recovery because they tried to login 20 times unsuccessfully. All seem to be coming from different IP addresses.

    Does this mean I'm under attack? Is there anything I should/can be doing to stop these attempts? (other than have Wordfence installed!)

    I have received these emails every once in awhile saying someone is trying to login to my site, but never this meany in one 24-hr period. All are attempting to use the user name "admin" which I do not use.

    Please advise!

    Thanks in advance for your help.

    https://wordpress.org/plugins/wordfence/

  2. PavelCZ1982
    Member
    Posted 4 months ago #

    Yes, this was attack to your site. I recommend you to block user after 3 failed logins for at least 2 hours. It will not block them to try it again, but at least stop spamming you...

    Also consider to combine Wordfence with other security plugin. The reasons are following: Wordfence support activity is zero, logs are mostly useless especially in case that there is large number of attacks in short time and finally Wordfence is only active protection. Other plugins also provides passive protection with many preventing settings.

    Have a good day
    Pavel

Reply

You must log in to post.

About this Plugin

About this Topic