Login Security Solution
[resolved] Brute Force Not Being Slowed? (5 posts)

  1. knappen
    Posted 3 years ago #

    Below is a notification that seems to show the plugin is not slowing a brute force attack. I checked the data in the login_security_solution_fail table and see that it is from the same specific IPv6. Any ideas? I'm happy to share the table confidentially if that will help. Thank you!

    There have been at least 174 failed attempts to log in during the past 120 minutes that used one or more of the following components:

    Component Count Value from Current Attempt
    ------------------------ ----- --------------------------------
    Network IP 171 xxx.xxx.xxx
    Username 174 admin
    Password MD5 1 573eaefe42e98af6cc71ded816f7106e


  2. Daniel Convissor
    Plugin Author

    Posted 2 years ago #

    Hi Knappen:

    This topic is covered in the "I just got hit with 500 failed logins! Why isn't this plugin working?!?" section of the FAQ: http://wordpress.org/extend/plugins/login-security-solution/faq/


  3. knappen
    Posted 2 years ago #

    Hey there!

    Thanks for responding. The FAQs are helpful and I did read them before posting. In addition, I put a question mark on the subject because I am trying to understand why a single IP address is getting through one attempt about every 40 seconds. Is the plugin logging and slowing failed attempts via IP or session?


  4. Daniel Convissor
    Plugin Author

    Posted 2 years ago #

    As mentioned in the description, the plugin tracks IP, user name and password. If any of those three match earlier failed logins, we slow them down.

  5. knappen
    Posted 2 years ago #

    Hey thanks! I had a 60 second delay stuck in my head but I reread that the second level delays can be 25 seconds. Reading- who knew?

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Login Security Solution
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic