htaccess blocking ips from wp-login.php and wp-admin folder but still warned

  • Resolved Galactopus

    (@galactopus)


    4 years, 9 months ago

    Hello,

    Recently I have blocked access to all ips except a couple known ones for wp-login.php and the wp-admin folder but i’m still being warned of failed login attempts by other ips. Could you shed some light on how is this possible? Is there another file i need to block ips from?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WPChef

    (@wpchefgadget)

    4 years, 9 months ago

    We are not a firewall service, therefore you will still see requests from various IPs even after blocking them. It will be impossible for them to login though. We find this to be the most effective way to block the attacks, as it is very frustrating for them and they soon give up and move on to other sites.

    Thread Starter Galactopus

    (@galactopus)

    4 years, 9 months ago

    Thanks for the reply. I think i figured it out yesterday, i needed to also block the xmlrpc.php file; disabling this file has some caveats so one should research first. Your logs were showing wp_xmlrpc as the gateweay.

    Thanks for the plugin!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘htaccess blocking ips from wp-login.php and wp-admin folder but still warned’ is closed to new replies.