Title: admin login notification
Last modified: August 16, 2021

---

# admin login notification

 *  [neschner](https://wordpress.org/support/users/neschner/)
 * (@neschner)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/admin-login-notification-3/)
 * Is it possbile to disable E-mail notification if a host wanted to login via “
   admin” account? I still want to get all other notifications on other login names.
 * why?
    because the admin user doesn’t exist anymore and I get so much mails that
   someone wanted to login via “admin” account and got locked out permanently.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [nlpro](https://wordpress.org/support/users/nlpro/)
 * (@nlpro)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/admin-login-notification-3/#post-14771051)
 * Hi [@neschner](https://wordpress.org/support/users/neschner/)
 * Enabling the **Security Digest** email is an option. The disadvantage is that
   other emails also won’t get sent.
 * It’s probably better to check in the **Logs** page what type of brute force attacks(
   usually login page or xmlrpc) is generating the “admin” invalid login attempts.
 * Then configure/enable plugin features that prevent that type of brute force attacks.
 * +++++ To prevent any confusion, I’m not iThemes +++++
    -  This reply was modified 4 years, 8 months ago by [nlpro](https://wordpress.org/support/users/nlpro/).
 *  Thread Starter [neschner](https://wordpress.org/support/users/neschner/)
 * (@neschner)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/admin-login-notification-3/#post-14771085)
 * How should a admin login be prevented? I already have checked that “admin” logins
   are automaticly host banned. Thats the reason the email gets generated.
 * This is my log of the “admin” login. What could be done to prevent this to not
   get 20 mails everyday?
 *     ```
       id               => 85423
       module           => brute_force
       type             => notice
       code             => auto-ban-admin-username
       timestamp        => 2021-08-16 05:27:39
       init_timestamp   => 2021-08-16 05:27:38
       remote_ip        => 162.55.53.198
       user_id          => [empty string]
       url              => 
       memory_current   => 78468880
       memory_peak      => 79869296
       data             => Array
           details    => Array
               source                 => wp-login.php
               authentication_types   => Array
                   0   => username_and_password
           user       => Object WP_Error
               errors       => Array
                   invalid_username   => Array
                       0   => Unbekannter Benutzername. Überprüfe ihn noch einmal oder versuche es mit deiner E-Mail-Adresse.
               error_data   => Array()
           username   => admin
           SERVER     => Array
               REQUEST_METHOD         => POST
               SERVER_PROTOCOL        => HTTP/1.1
               SCRIPT_FILENAME        => /home/www/wordpress/wp-login.php
               REQUEST_SCHEME         => https
               HTTP_CONNECTION        => close
               HTTP_ACCEPT_ENCODING   => gzip
               CONTENT_TYPE           => application/x-www-form-urlencoded
               CONTENT_LENGTH         => 98
               HTTP_USER_AGENT        => Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
               HTTP_HOST              => 
               HTTP_AUTHORIZATION     => [empty string]
               HTTPS                  => on
               REQUEST_TIME_FLOAT     => [double] 1629091658.1929
               REQUEST_TIME           => [integer] 1629091658
       ```
   
 *  [nlpro](https://wordpress.org/support/users/nlpro/)
 * (@nlpro)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/admin-login-notification-3/#post-14771155)
 * Below the part that tells you that the (admin) brute force attempt seems to be
   done through the login page:
 * source => wp-login.php
 * So enabling the iTSec plugin **Hide Backend** feature (if not already) could 
   help prevent the login attempts. It depends a bit on whether you have a WordPress
   Dashboard login link on your home page or not. If so there is no point in enabling
   the **Hide Backend** feature;-)

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘admin login notification’ is closed to new replies.

 * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=2980272)
 * [Solid Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/)
 * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/)

## Tags

 * [login](https://wordpress.org/support/topic-tag/login/)

 * 3 replies
 * 2 participants
 * Last reply from: [nlpro](https://wordpress.org/support/users/nlpro/)
 * Last activity: [4 years, 8 months ago](https://wordpress.org/support/topic/admin-login-notification-3/#post-14771155)
 * Status: not resolved