iThemes Security (formerly Better WP Security)
Bad Login attempts, All Lockouts - more info needed (4 posts)

  1. sgb02
    Posted 2 years ago #

    On the Log panel I can see the section with Bad Login Attempts, but it would be very helpful to have the IP addresses provided for each bad login row listed.

    It would also be great to have the header values for all tables (Bad Login Attempts, and ALL Lockouts) sortable.

    I would also like to be able to download the csv file for Bad Login Attempts and All Lockouts.


  2. Craig Hesser
    Posted 2 years ago #

    I have the same request as sgb02, but I also need some more information on what is reported now:

    In a few instances, I get a report on the "Bad Login Attempts" that the Username Attempted was "username". Does this mean that the attempted highjacker was successful in finding the username for the site? Or does it mean that the highjacker used the term "username" instead of (for example) the term "admin" or "administrator"?

    I have some pretty complex user names (all dark green on the username scale), and I would be surprised if a highjacker were successful in finding that, but not the password.

  3. Handoko
    Posted 2 years ago #

    Good suggestions. Hope the developer will see this page.

  4. Craig Hesser
    Posted 2 years ago #

    Hi sgb02,

    I think there is a way to do part of what you want to do.

    If you set the maximum number of bad logins before a viewer is black-listed to 1, but then set the lockout time at a very low number, the blacklist report will give you the IP address of the offending attempt, but won't lock you out for very long if you accidentally hit the wrong key while logging in.

    You would have to go through the list and use the manual lockout list to get rid of the bad guys. A little more work, but more information.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic