Brute Force Protection and Blocking
-
In the “Brute Force Protection” section, I’ve ticked “Immediately lock out invalid usernames” and in “Immediately block the IP of users who try to sign in as these usernames” I’ve added a bunch of names, for example “admin”.
In “Tools” > “Live Traffic”, I can see a stream of failed login attempts, including using the login name “admin”. However, the “Blocking” section is empty, saying “No blocks are currently active.”. Why are none of the failed login attempts causing IP blocks?
The failed login attempts are active and have been running for days.
WordPress Version 5.2
Wordfence Version 7.2.5
Protection Level: Extended Protection
Web Application Firewall Status: Enabled and Protecting
OS Linux
PHP v7.3.0
Server nginx
-
Hey @cmangla,
If you navigate to Wordfence > All Options > Firewall Options > Brute Force Protection what is
Protection Amount of time a user is locked outset to? This is how long the user will be locked out.Thanks,
Gerroald
Hi @wfgerald ,
The setting
Amount of time a user is locked outis set to
4 hours.However, I can see many login failures within the last 4 hours in the Live Traffic tab, but no IP blocks in the Blocking tab.
Cheers,
Chaitanya
- The topic ‘Brute Force Protection and Blocking’ is closed to new replies.
