Warning Emails Don’t Show Website Link

Resolved

(@fulanoinc)

I manage a ton of websites for clients. I’m receiving email about fail login attempts but it doesn’t specify what website. I have no way of identifying which site it’s coming from. Am I missing a detail?

Email Text:

Hello,

16 failed login attempts (4 lockout(s)) from IP 122.55.226.1
Last user attempted: icgi
IP was blocked for 24 hours

This notification was sent automatically via Limit Login Attempts Reloaded Plugin. This is installed on your WordPress site.

Under Attack? Try our advanced protection. Have Questions? Visit our help section.

Unsubscribe from these notifications.

The page I need help with: [log in to see the link]

Viewing 9 replies - 1 through 9 (of 9 total)

gregjf908
(@gregjf908)

5 years, 3 months ago

I have a similar issue because my email is on several of my clients websites as the admin. I found that if you hover over the unsubscribe link, you’ll see the site in question. Maybe the creators can add that feature?

Plugin Author WPChef
(@wpchefgadget)

5 years, 3 months ago

Hi, good catch. We’ll address this in the next update. Meanwhile, you can see the domain in the unsubscribe link.

gtrguy
(@gtrguy)

5 years, 2 months ago

I started getting these notifications yesterday. I’m wondering if this is legit.
Mine reads “Hello,

12 failed login attempts (3 lockout(s)) from IP 188.228.143.121
Last user attempted: admin
IP was blocked for 20 minutes

This notification was sent automatically via Limit Login Attempts Reloaded Plugin. This is installed on your WordPress site.

Under Attack? Try our advanced protection. Have Questions? Visit our help section.”
Seems that the hacker is using “admin” as the password over and over.

gtrguy
(@gtrguy)

5 years, 2 months ago

Update… I just looked at all 25 of my plugins and I don’t even have Limit Login Attempts Reloaded Plugin.

Plugin Author WPChef
(@wpchefgadget)

5 years, 2 months ago

Hi gtrguy,

When you click the Unsubscribe link, does it get you to one of your sites? It should open a settings page of the plugin. Please let us know.

Plugin Author WPChef
(@wpchefgadget)

5 years, 2 months ago

Hi,

We have uploaded a new version of the plugin with this issue fixed.

Please try it out.

gtrguy
(@gtrguy)

5 years, 2 months ago

I don’t understand. Isn’t the plugin working? I’m getting notified that there has been login attempts and the plugin is locking out the individual or bot that keeps using “admin” as the password to get in.

I found the settings for the plugin but don’t see it listed in my plugins.

Plugin Author WPChef
(@wpchefgadget)

5 years, 2 months ago

Hi gtrguy,

Most likely you’re on some managed hosting plan with the plugin installed as a MU plugin: https://wordpress.org/support/article/must-use-plugins/ This is why you don’t see it in the list of installed plugins, but it’s still there. A lot of hosting providers install the plugin this way as part of their setup process.

gtrguy
(@gtrguy)

5 years, 2 months ago

Hi WPChef, I keep getting these login attempts. Is this some sort of bot that is trying to hack into my website? Am I understanding this correctly that it keeps using the word “admin” as the password to login? Here’s an example
12 failed login attempts (3 lockout(s)) from IP 106.73.71.128
Last user attempted: admin
IP was blocked for 20 minutes