Wordfence blocking forum logins

  • Resolved Webamaze

    (@webamaze)


    7 years, 5 months ago

    I have a site created with WP and a forum created with phpBB. Both are on separate databases and the only connection between the two is by a clickable link.

    Just recently forum users have been trying to login to the forum at https://www.harriers-online.co.uk/forum/index.php but being sent to the main site at https://harriers-online.co.uk/khfc/wp-admin/ to login whereas they should be directed to this page: http://www.harriers-online.co.uk/forum/ucp.php?mode=login

    Of course Wordfence is locking them out for ten minutes. In two cases two people have tried persistently and been blocked completely.

    I have had to manually unblock them.

    Here are two examples of my notifications:

    ————————————————————————

    This email was sent from your website “Harriers Online” by the Wordfence plugin at Thursday 20th of December 2018 at 10:18:59 AM
    The Wordfence administrative URL for this site is: https://harriers-online.co.uk/khfc/wp-admin/admin.php?page=Wordfence
    A user with IP addr 176.35.197.125 has been locked out from signing in or using the password recovery form for the following reason: Used an invalid username ‘cjh201170’ to try to sign in.
    The duration of the lockout is 10 minutes.
    User IP: 176.35.197.125
    User hostname: 176-35-197-125.xdsl.murphx.net
    User location: United Kingdom

    ————————————————————–

    This email was sent from your website “Harriers Online” by the Wordfence plugin at Wednesday 19th of December 2018 at 09:23:01 PM
    The Wordfence administrative URL for this site is: https://harriers-online.co.uk/khfc/wp-admin/admin.php?page=Wordfence
    A user with IP addr 81.31.109.238 has been locked out from signing in or using the password recovery form for the following reason: Used an invalid username ‘krasnyi’ to try to sign in.
    The duration of the lockout is 10 minutes.
    User IP: 81.31.109.238
    User hostname: 81.31.109.238
    User location: Shrewsbury, United Kingdom

    ——————————————————————————

    Can someone please help me with this problem. I’m thinking that a simple way to stop this happening is to ‘allow’ the forum within Wordfence but I can only see the option to block.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • wfdave

    (@wfdave)

    7 years, 5 months ago

    Hi @webamaze,

    I’m not seeing any references to /wp-admin on your sites, so I’m not sure why your users would be redirected there for a login.

    What I can recommend is to disable immediate blocking of users who use an invalid username.

    1. Go to Wordfence -> All Options
    2. Uncheck Immediately lock out invalid usernames
    3. Save changes (top right corner)

    For example: https://i.imgur.com/yQHePUU.png

    If you can find where users are being redirected over to /wp-admin, maybe we can debug that together to stop that from happening.

    Dave

    Thread Starter Webamaze

    (@webamaze)

    7 years, 5 months ago

    Thanks Dave.

    I did have that checked so that may have been part of the problem. Now to tackle the re-direction problem.

    Thanks for your help. A Merry Christmas to you and yours.

    Phil…

    wfdave

    (@wfdave)

    7 years, 5 months ago

    Thank you, and a Merry Christmas to you too!

    So I have two things you can try to tackle the redirection problem:

    1. Ask your users where they are getting redirected to /khfc/wp-login.php, is it from another site or from your site?

    2. Search your access_logs (in apache), use the search words /khfc/wp-login.php or /khfc/wp-admin, an example line within the log might look like:

    24.24.24.24 - - [1/Jan/2018:10:10:00 +0000] "GET /khfc/wp-login.php HTTP/1.1" 200 14487 "http://www.google.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

    In this case, an IP with 24.24.24.24 accessed your wordpress login page, but they were referred by google.com. So you can see if they were linked to your admin site via a remote link or by a link on your site.

    Dave

    wfdave

    (@wfdave)

    7 years, 4 months ago

    Hi again!

    We haven’t heard back from you in a while so I’ve gone ahead and marked this thread as resolved.

    Please feel free to open another thread if you’re still having issues with Wordfence.

    Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Wordfence blocking forum logins’ is closed to new replies.