Title: Admin brute force attacks Last modified: August 22, 2016 --- # Admin brute force attacks * [persist9](https://wordpress.org/support/users/persist9/) * (@persist9) * [11 years, 5 months ago](https://wordpress.org/support/topic/admin-brute-force-attacks/) * I use word-press .org Latest version installed Plug-in: Securi Security * I am getting perhaps 30 emails a day like: * Subject: Failed Login Login Info: Time: December 17, 2014 7:47 am Website Info: Site: site name given IP Address: 86.15.119.66 Notification: User authentication failed: admin * I also get some emails like * Your website … is undergoing a brute force attack. There have been at least 50 failed attempts to log in during the past 120 minutes that used one or more of the following components: * Component Count Value from Current Attempt ———————— —– ———– Network IP 35 86.15.119.* Username 50 admin Password MD5 1 a4203f63a03a04add5b6068a586489c8 * The most recent attempt came from the following IP address: 86.15.119.66 The Login Security Solution plugin (0.49.0) for WordPress is repelling the attack by making their login failures take a very long time. * **** All these attacks are aimed at username admin. * Question: As I use a different username, is my site safe from these attacks aimed at “admin” * Question: Is there any way that I can stop getting emails about attacks on “admin”. If other user names were being attacked I would want to know this. * A few days ago I tried to increase my security. In securi I went to “settings” and to “Trust IP” and set my own IP number. Question: Dos this mean that now I can only log in from the one computer. Question: Does this mean that if this computer fails, I will be locked out of my site. Question: As all these attacks are on “admin”, can I relax about these attacks and delete my IP address from“ trust IP”. I would also like to be able to log on from other computers in the house. * Since I first started using Securi I can see this message: * “Changes in the integrity of your core files were detected. There are files that were added, modified, and/or removed in the core directories /, /wp-admin and/or /wp- includes. You may want to check each file to determine if they were infected with malicious code.” * Question: Does this message appear for all sites when they first start using secure? Question: Where can I find out how to deal with this? * Thanks * [https://wordpress.org/plugins/sucuri-cloudproxy-waf/](https://wordpress.org/plugins/sucuri-cloudproxy-waf/) The topic ‘Admin brute force attacks’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/sucuri-cloudproxy-waf_d7b7b5.svg) * [Sucuri Security - Website Firewall (CloudProxy)](https://wordpress.org/plugins/sucuri-cloudproxy-waf/) * [Frequently Asked Questions](https://wordpress.org/plugins/sucuri-cloudproxy-waf/#faq) * [Support Threads](https://wordpress.org/support/plugin/sucuri-cloudproxy-waf/) * [Active Topics](https://wordpress.org/support/plugin/sucuri-cloudproxy-waf/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/sucuri-cloudproxy-waf/unresolved/) * [Reviews](https://wordpress.org/support/plugin/sucuri-cloudproxy-waf/reviews/) ## Tags * [admin](https://wordpress.org/support/topic-tag/admin/) * [attack](https://wordpress.org/support/topic-tag/attack/) * [Brute](https://wordpress.org/support/topic-tag/brute/) * 0 replies * 1 participant * Last reply from: [persist9](https://wordpress.org/support/users/persist9/) * Last activity: [11 years, 5 months ago](https://wordpress.org/support/topic/admin-brute-force-attacks/) * Status: not resolved