Support » Plugin: Cerber Security & Limit Login Attempts » Admin 404 Error Message

  • Resolved h2ofilters

    (@h2ofilters)


    Hello,

    I was unable to login to admin dashboard because of 404 error. I disabled a couple of plugins but no success until I deleted the cerber security plugin and then I was able to login. I am it’s working as it should but how can you prevent admin lockout and not running into this type of frantic moment? The plugin is great but I need a workaround for a legitimate admin.

    Thank you!

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Gioni

    (@gioni)

    Hi!

    Sorry, for late answering. What URL do you use to log in to admin dashboard? Did you configure Custom login URL in the plugin settings?

    h2ofilters

    (@h2ofilters)

    Thanks for replying. No problem because I understand you must be very busy and I appreciate your service and for taking time to reply.

    I did configure the custom login but I get locked out occasionally even though I listed my IP addresses on laptop and iPad. I checked every box that needs to be checked in the settings. But I often go to the server to disable the plugin and then reactivate once I am able to log in to the website. Safari seems to lock me out often and more quickly than do Chrome and Firefox, and I don’t understand why.

    My major problem now is the constant attack on one of the sites I manage. It’s brutal and I am not sure if it’s because of the type of host server or just out of luck for this particular website.

    Beside shutting down the site outright, change host server, and/or domain name, what’s the best way to stop or slow down these attacks? Your plugin has been great but I am not sure if I need to do something else.

    Thanks so much.

    Plugin Author Gioni

    (@gioni)

    What are reasons of your occasional lockouts? You should see them on the Activity tab.

    Check Disable wp-login.php on the Main Setting tab and Disable XM-RPC on the Hardening tab. Those are the most popular targets for attackers. The plugin will generate 404 responses for any attempts to use those resources. That may help to slow down attacks. Actually, there are no guaranteed ways to stop those attacks because we don’t know for sure why those guys or bots chose this or that website as a target. But we definitely can successfully mitigate them.

    This summer I’m going to implement country based restrictions on the ability to log in and use other vital parts/functions on a website, so you will be able to completely isolate those attackers manually. I hope they are not from your country.

    h2ofilters

    (@h2ofilters)

    Thanks and I look forward to the upgrade. It doesn’t matter if the attackers are my neighbors, or country men or women. I’ll block whoever.

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.