• Hi,

    I have Wordfence Security installed, and since I was getting a lot of user locked out messages, I have changed the login URL and hidden the wp-admin URL with the Lockdown WP Admin plugin. I have also blocked xmlrpc.php requests in htaccess. I’ve added the code below to htaccess:

    # Block WordPress xmlrpc.php requests
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>

    All went well for a while but the last week or so I have been receiving lots of user locked out messages again. The messages refer to the old default /wp-admin URL:

    “A user with IP address XXX.XXX.XXX.XXX has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username ‘feed\”‘ to try to sign in.”

    Any idea how to totally prevent unwanted visitors from trying to log in?

    Thanks!
    Syl

    https://wordpress.org/plugins/wordfence/

Viewing 1 replies (of 1 total)
  • Plugin Author WFMattR

    (@wfmattr)

    Syl,

    That may mean that the bot trying to log in has found the new login page, or it could be a problem with blocking xmlrpc.php on your particular host. You can try visiting wp-login.php and xmlrpc.php on your site, to see if they do work without blocking. (xmlrpc.php normally uses POSTs, but it at least tells you that when you try to view it directly.)

    If you know where to find your site’s access log, you can look around the time that the lockout message happened, and see which URL was used. (Often, you can find the file in the hosting company’s control panel, outside of WordPress.) If you’re not sure what to look for in the file, you can post a small piece of the access log here. (Use the “code” button before and after pasting long lines in this forum, and if you need to post more than a few lines, please use pastebin.com instead, and just give us a link here.)

    -Matt R
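
The access-log check described in the reply above, as an added example that is not part of the original thread: it lists every request from the locked-out IP within a few minutes of the lockout e-mail, so you can see which URL the bot actually used and whether the xmlrpc.php block is answering with 403. The log lines, IP addresses and timestamps are constructed sample data, and the function names are hypothetical; the parser assumes the Apache/nginx "combined" log format.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Apache/nginx "combined" format: client IP, timestamp, request line, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def requests_near_lockout(log_lines, ip, lockout_time, window_minutes=5):
    """Return (method, path without query string, status) for each request
    from `ip` within +/- window_minutes of the lockout e-mail's timestamp."""
    window = timedelta(minutes=window_minutes)
    hits = []
    for line in log_lines:
        m = LINE_RE.match(line)
        if not m or m["ip"] != ip:
            continue  # unparseable line, or a different client
        ts = datetime.strptime(m["ts"], TS_FORMAT)
        if abs(ts - lockout_time) <= window:
            path = m["path"].split("?", 1)[0]
            hits.append((m["method"], path, int(m["status"])))
    return hits

def summarize(hits):
    """Count requests per (method, path, status), most frequent first."""
    return Counter(hits).most_common()

# Constructed sample log (documentation-range IPs, made-up times and sizes).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2015:09:02:11 +0000] "GET / HTTP/1.1" 200 8000 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2015:10:14:58 +0000] "POST /xmlrpc.php HTTP/1.1" 403 212 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2015:10:15:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2015:10:15:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [12/Mar/2015:10:15:04 +0000] "GET /feed/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]
# Time taken from the (constructed) lockout e-mail.
LOCKOUT_TIME = datetime.strptime("12/Mar/2015:10:15:05 +0000", TS_FORMAT)

if __name__ == "__main__":
    hits = requests_near_lockout(SAMPLE_LOG, "203.0.113.7", LOCKOUT_TIME)
    for (method, path, status), count in summarize(hits):
        print(count, method, path, status)
```

In this sample the POST to xmlrpc.php gets a 403, so the htaccess block is working, while the POSTs to wp-login.php get a 200, which points at the login page still being reachable at its default URL.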

  • The topic ‘Locked out messages after wp-login move and blocking xmlrpc.php requests’ is closed to new replies.