Support » Plugin: All In One WP Security & Firewall » BUG: captcha easy to trick

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author wpsolutions

    (@wpsolutions)

    Hi,
    Thanks for the feedback. I am looking into this – will get back to you tomorrow.

    explains loads of mails about hack attempts on my blog

    Maybe not. I think this could be due to attempts on your xmlrpc.php file.
    Have you blocked access to that file?

    Plugin Author wpsolutions

    (@wpsolutions)

    Update: I found the bug and fixed it. Plugin update will be released very soon.

    > xplains loads of mails about hack attempts on my blog

    > Maybe not. I think this could be due to attempts on your xmlrpc.php file.
    > Have you blocked access to that file?

    Yep. It looks like that someone has a dozen of virtual machines or cloud computers and distributes his login trials over his network. I currently receive about 50-80 notification emails per day that some IPs have been blocked due to invalid credentials. Ah, and they’re not always the same IPs, that would be too easy to ban them. Of course.

    But I think that will be cut down if the captch is fixed 🙂

    Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    You can also improve your protection by enabling the following feature Enable Rename Login Page Feature if you have not already done so. This is located in WP Security -> Brute Force -> Rename Login Page.

    Kind regards

    • This reply was modified 1 year, 1 month ago by mbrsolution.
    • This reply was modified 1 year, 1 month ago by mbrsolution.

    Yes and no. I’m currently using the plugin “Theme My Login” as I want to display a legal disclaimer on the login screen.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘BUG: captcha easy to trick’ is closed to new replies.