WordPress.org

Ready to get started?Download WordPress

Forums

Wordfence Security
[resolved] wordfence logged a login from far away ip-adress (6 posts)

  1. celli030
    Member
    Posted 6 months ago #

    Hi there,

    today I checked the live traffic and found the tab "logins and logouts". What I saw, is still shocking for me - someone from the US logged into my account without even any failed login attempts before. For explanation: I'm located in Germany, don't use any proxy servers and use a Mac. Also I have a very strong password with special characters, numbers and capitalLetters.

    Can anyone explain this? How can someone log into my account with my password without even guessing? Btw, my blog is just a few weeks old, with a few plugins, nothing special.

    Are there any other explanations for that? Like Wordfence got confused with IP-Ranges or something?

    Here is the IP-adress which is in another country from where I'm located.

    United States Columbus, United States logged out as "*username*"
    IP: 11.17.227.44
    1 day 16 hours ago
    United States Columbus, United States logged in successfully as "*username*"
    IP: 11.17.227.44
    1 day 16 hours ago

    Any hints or explanation is helpful, THANKS!

    https://wordpress.org/plugins/wordfence/

  2. ClaytonJames
    Member
    Posted 6 months ago #

    It certainly does seem odd... Bearing in mind that ip addresses are fairly easily spoofed, (that still wouldn't explain how they had your username or password) and just out of curiosity, have you checked into who that block of ip addresses appears to be assigned to?

  3. celli030
    Member
    Posted 6 months ago #

    yes I have, and I really don't know what the DoD want from me. maybe because I talk also about guns on my blog.

    Another strange thing is: I always use a different url to the admin login (not the standard) - so I think I have done a lot in security but might not be enough for those people ...

  4. Wordfence
    Member
    Plugin Author

    Posted 6 months ago #

    Hi,

    Wordfence does not allow anyone to log into your site. We only implement rules that would make your site more secure. I'd recommend changing your password immediately. Also please post a screenshot showing the login you're talking about and I'll investigate.

    Regards,

    Mark.

  5. celli030
    Member
    Posted 6 months ago #

    Hi Mark,

    Thanks for your help! Meanwhile I figured out how and why this happened. The IP adress knew my password because it was me :-D

    I noticed another login from another strange ip range (this time korea) while I was surfing the web. So I investigated and found out that my mobile had an ip range from Korea.

    Problem solved, everything is ok! My mobile provider apparently uses weird ip ranges ... I will contact them to clarify

    Thanks to wordfence for the information, always a great tool!

    Cheers

  6. Wordfence
    Member
    Plugin Author

    Posted 6 months ago #

    :-D Thanks for the update!! Glad to hear you figured it out. I get quite a few reports like this and I think many people make the same mistake.

    Regards,

    Mark.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.