WordPress.org


iThemes Security (formerly Better WP Security)
Suggestion: Ban IPs/Hosts that try to login for "admin" user (18 posts)

  1. joeran
    Member
    Posted 6 months ago #

    First of all, thank you very much for your awesome software. I really love Better WP Security. In particular, the "Login limit" function is really useful.

    However, I would like to make a suggestion. It would be great if one could specify that IPs/Hosts that try to log in as the "Admin" user are banned immediately and not only after X bad attempts. Namely, I removed the Admin user for security reasons. This means anybody who tries to log in as Admin undoubtedly must be a "bad guy".

    http://wordpress.org/plugins/better-wp-security/

  2. hai3009
    Member
    Posted 6 months ago #

    I asked that before, currently no answer :-(

    My question

  3. wasanajones
    Member
    Posted 6 months ago #

    yes please

  4. m_butcher
    Member
    Posted 6 months ago #

    If you do not have anyone with "admin" in their username you can add "admin" to the Ban User Agents found under the "ban" list. You can also change your blacklist threshold to 1 if you are the only user and know you will never forget your password.

  5. m_butcher
    Member
    Posted 6 months ago #


  6. hai3009
    Member
    Posted 6 months ago #

    @m_butcher.
    Problem is that I do know my password, but not all the "normal users" do.
    That's the reason why I can't set the Blacklist threshold to 1.

  7. 5high
    Member
    Posted 6 months ago #

    Thanks m_butcher for that info - I'd never really understood what a 'user agent' was! So I'll try adding it to reduce the number of attempted logins.

  8. 5high
    Member
    Posted 6 months ago #

    NO - DON'T DO THIS! When I added 'admin' into the Ban User Agents, it totally locked me out of my site and returned an error saying that my admin page was banned! (i.e. couldn't access my wp-admin page!), even though I have the admin username removed by WP Security too.

    So I looked in my .htaccess file and found this...

    # The pattern "^" matches the start of ANY string, so this first condition is
    # true for every request; with [OR] the rule below fires for every visitor.
    RewriteCond %{HTTP_USER_AGENT} ^ [NC,OR]
    # Only this second condition actually targets a User-Agent starting with "admin".
    RewriteCond %{HTTP_USER_AGENT} ^admin [NC]
    # [F] answers 403 Forbidden, [L] stops rewrite processing.
    RewriteRule ^(.*)$ - [F,L]

    which I totally deleted, and this then allowed me back in. Phew! I then went back into WP security and removed 'admin' from my ban user agent section too.

    So, please could anyone tell me:
    1. if it was OK to delete all of this section of code in my .htaccess file?
    2. why it didn't work as suggested above?
    3. what else could be added into the Ban User section to improve security?

    Thanks in anticipation...

  9. WDG
    Member
    Posted 6 months ago #

    +1
    @m_butcher's suggestion is incorrect. That's not what a user agent is for.

  10. 5high
    Member
    Posted 6 months ago #

    Thanks WDG for your reply - do you know if it was OK to delete all the mentioned lines (as above) from my htaccess file?
    Cheers.

  11. hai3009
    Member
    Posted 6 months ago #

    Yes, it should be possible to protect WP from evil logins.
    Why don't we make a whitelist of the usernames?

    If a hacker tries a different username (not on the whitelist)
    ---> Banned

    So we do not give them several tries to reach the backend.

  12. WDG
    Member
    Posted 6 months ago #

    @5high
    Yes. Those lines are looking for particular user agents and ending their connection if they match.

  13. 5high
    Member
    Posted 6 months ago #

    @ WDG
    OK, have looked up 'user agents' and will not be touching that section again, as it's probably beyond me!
    However, are you able to answer my previous query...

    So I looked in my .htaccess file and found this...

    # The pattern "^" matches the start of ANY string, so this first condition is
    # true for every request; with [OR] the rule below fires for every visitor.
    RewriteCond %{HTTP_USER_AGENT} ^ [NC,OR]
    # Only this second condition actually targets a User-Agent starting with "admin".
    RewriteCond %{HTTP_USER_AGENT} ^admin [NC]
    # [F] answers 403 Forbidden, [L] stops rewrite processing.
    RewriteRule ^(.*)$ - [F,L]

    which I totally deleted, and this then allowed me back in. Phew! I then went back into WP security and removed 'admin' from my ban user agent section too.

    So, please could anyone tell me:
    1. if it was OK to delete all of this section of code in my .htaccess file?

    ... re what I deleted from my .htaccess file?
    Cheers.

  14. chrisgagner
    Member
    Posted 5 months ago #

    Along the lines of this request, it would be great to have a blacklist username list.. you could add usernames such as "admin" to the list. If someone tries to login using any of them, they are banned permanently (or for a very long time).

  15. brian7997
    Member
    Posted 5 months ago #

    A username blacklist would be great. I have so many admin user attempts. In addition to that though, there should also be a URL blacklist. So...

    http://domain.com/admin BANNED
    http://domain.com/administrator BANNED

    I know 404 errors handle this, but if you have a lot of real 404 problems, then you're stuck upping the threshold.

    This would be a lot more aggressive.
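
    As an added example (written for this thread; it is not code from iThemes Security / Better WP Security or from anyone posting here), a small must-use plugin that implements the ideas above: an immediate ban on the first login attempt with a blacklisted username (joeran's and chrisgagner's suggestion), an optional username whitelist (hai3009's), and a list of scanner-only paths that also trigger a ban (brian7997's). The function names, the option key and the contents of the three lists are assumptions; adjust them for your site.

```php
<?php
/*
 * Plugin Name: Username Ban (added example)
 * Description: Bans the client IP on the first login attempt with a forbidden
 *   username such as "admin", and on requests for scanner-only paths. Drop the
 *   file into wp-content/mu-plugins/. Example code written for this thread;
 *   not part of iThemes Security / Better WP Security.
 */

// Assumed lists; adjust for your site. Usernames are compared case-insensitively.
const UB_BANNED_USERNAMES  = array( 'admin', 'administrator' );
// Whitelist mode (hai3009's idea): when non-empty, every username NOT listed
// here is treated as forbidden and the blacklist above is ignored.
const UB_ALLOWED_USERNAMES = array();
// Paths no legitimate visitor requests on a WordPress site (brian7997's idea).
const UB_BANNED_PATHS      = array( '/admin', '/administrator' );
const UB_BAN_SECONDS       = 86400;          // 0 = until the option is cleared by hand
const UB_OPTION            = 'ub_banned_ips'; // assumed option name

/*
 * Client address. Deliberately REMOTE_ADDR only: X-Forwarded-For is client-supplied
 * and trivially spoofed. Caveat: behind a reverse proxy or CDN, REMOTE_ADDR is the
 * proxy, and banning it would lock out every visitor; derive the real address from
 * your trusted proxy before using this there.
 */
function ub_client_ip() {
    return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0';
}

function ub_is_banned( $ip ) {
    $bans = get_option( UB_OPTION, array() );
    if ( ! isset( $bans[ $ip ] ) ) {
        return false;
    }
    if ( 0 !== $bans[ $ip ] && $bans[ $ip ] < time() ) {   // expired: tidy up
        unset( $bans[ $ip ] );
        update_option( UB_OPTION, $bans );
        return false;
    }
    return true;
}

function ub_ban( $ip, $reason ) {
    $bans        = get_option( UB_OPTION, array() );
    $bans[ $ip ] = UB_BAN_SECONDS ? time() + UB_BAN_SECONDS : 0;
    update_option( UB_OPTION, $bans );
    error_log( "ub: banned $ip ($reason)" );       // goes to the PHP error log
}

function ub_username_is_forbidden( $username ) {
    $u = strtolower( trim( (string) $username ) );
    if ( '' === $u ) {
        return false;               // empty form submission, not an attack signal
    }
    if ( UB_ALLOWED_USERNAMES ) {
        return ! in_array( $u, UB_ALLOWED_USERNAMES, true );
    }
    return in_array( $u, UB_BANNED_USERNAMES, true );
}

// Priority 5 runs before WordPress's own password checks on 'authenticate'
// (priority 20), so the ban is recorded on the first attempt whatever the password.
// The same filter fires for wp-login.php and for XML-RPC logins.
add_filter( 'authenticate', 'ub_record_forbidden_username', 5, 3 );
function ub_record_forbidden_username( $user, $username, $password ) {
    if ( ub_username_is_forbidden( $username ) ) {
        ub_ban( ub_client_ip(), "login as '$username'" );
    }
    return $user;
}

// Priority 100 runs after the other authenticate filters, so a banned client gets
// one fixed error that does not reveal whether the username exists.
add_filter( 'authenticate', 'ub_reject_banned', 100, 3 );
function ub_reject_banned( $user, $username, $password ) {
    if ( ub_is_banned( ub_client_ip() ) ) {
        return new WP_Error( 'ub_banned', 'Your address has been blocked.' );
    }
    return $user;
}

// Every request: refuse banned clients outright, and ban on scanner-only paths.
add_action( 'init', 'ub_gate_request', 0 );
function ub_gate_request() {
    if ( defined( 'WP_CLI' ) && WP_CLI ) {
        return;                                     // never ban the command line
    }
    $ip   = ub_client_ip();
    $path = rtrim( (string) parse_url( $_SERVER['REQUEST_URI'], PHP_URL_PATH ), '/' );
    if ( ! ub_is_banned( $ip ) && in_array( strtolower( $path ), UB_BANNED_PATHS, true ) ) {
        ub_ban( $ip, "request for $path" );         // exact match: /admin, not /wp-admin
    }
    if ( ub_is_banned( $ip ) ) {
        wp_die( 'Blocked.', 'Blocked', array( 'response' => 403 ) );
    }
}
```

    Because this bans on a single attempt, test it from a second address, not the one you administer from, and keep a way to clear the ban list (for example `wp option delete ub_banned_ips` with WP-CLI, or deleting the option row in the database) in case you lock yourself out. If the site lives in a subdirectory, prefix the entries in UB_BANNED_PATHS accordingly.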

  16. m_butcher
    Member
    Posted 1 month ago #

    If this has been fixed, please mark as resolved.

  17. 5high
    Member
    Posted 1 month ago #

    @m_butcher, from the looks of it, it hasn't been resolved.

  18. lomars
    Member
    Posted 1 month ago #

    @5high you are right :)
