Support » Plugin: iThemes Security » Excessive lockouts?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter Jeff Williams

    (@jeff-williams)

    Since it’s a malformed URL, I took a look in PMA & there are over 5300 instances in itsec logs since the end of October (we’ve been insanely busy so I didn’t pick up on this previously) & 64 in WF logs (yes, we run both) but I don’t think WF stores data as long as iThemes does.

    Any idea what may be causing this?

    Probably not the iTSec plugin. The iTSec plugin 404 Detection module is just detecting the 404s. Too much of those within a certain period and the Local Brute Force Protection module will start generating lockouts.

    Wikipedia on “%E2%80%9C“:

    The left-to-right mark (LRM) is a control character (an invisible formatting character) used in computerized typesetting (including word processing in a program like Microsoft Word) of text that contains a mixture of left-to-right text (such as English or Russian) and right-to-left text (such as Arabic, Persian or Hebrew). It is used to set the way adjacent characters are grouped with respect to text direction.

    Do some proper googling and I’m sure you’ll find something.

    • This reply was modified 3 years, 5 months ago by nlpro.
    Thread Starter Jeff Williams

    (@jeff-williams)

    I did, actually, so even with the slight snark this is a bit helpful.

    The thing is that these instances aren’t originating from anywhere in particular such as Russia, Ukraine, the Middle East, etc. & quite a few are American in origin.

    I don’t think that this is something that itsec is doing, no, and it’s entirely likely that there’s a misconfiguration somewhere on our install, god knows that this one has been heavily modified.

    Perhaps this helps.

    Thread Starter Jeff Williams

    (@jeff-williams)

    Maybe – I was just reading on another site that this sort of issue could be caused by incorrect character encoding in the DB & they recommended setting the DB to utf8_general_ci … I checked & we’re using utf8mb4_unicode_ci. I will readily admit that I don’t understand the difference between the two, it seems to me that UTF8 is UTF8

    This seems to suggest that our setting is correct, though: https://stackoverflow.com/questions/766809/whats-the-difference-between-utf8-general-ci-and-utf8-unicode-ci

    • This reply was modified 3 years, 5 months ago by Jeff Williams.

    ‘utf8mb4_unicode_ci’ is the default used by WordPress (as of 4.2), so that’s fine.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Excessive lockouts?’ is closed to new replies.