WordPress.org

Forums

All In One WP Security & Firewall
[resolved] Failed Login Attempts from my IP? (7 posts)

  1. Chris Gagner
    Member
    Posted 1 year ago #

    I had been getting locked out of my wp-admin due to mod_security being tripped, so I downloaded this plugin to hopefully help. It shows that while I'm logged in, there is a failed attempt to login to the username "admin" every 3 minutes. Funny thing is that I don't use the username "admin" and the failed attempt is coming from my own IP address. Any idea what might be causing this? I have disabled all plugins except this one, and I have changed tried one of WordPress's default themes in case a script was being called in it. However, I'm still having this issue of logins to the admin username (that i don't have) occuring from my IP every 3 minutes.

    http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

  2. wpsolutions
    Member
    Plugin Author

    Posted 1 year ago #

    It shows that while I'm logged in, there is a failed attempt to login to the username "admin" every 3 minutes

    Where are you getting the "failed attempt" information from? Is it one of the menu pages from this plugin or some other plugin?

    Also are you sure that the failed login attempt log you are referring to specifies an exact IP address or does it show an IP range?

  3. Chris Gagner
    Member
    Posted 1 year ago #

    It's under wp security - user login - failed login reports. The report lists my ip address, user id 0, username admin and the date when it failed. It happens about every 3 minutes. When i enabled the lockout for failed logins, i was locked out from my own ip pretty quick. Any ideas what might be causing this?

  4. wpsolutions
    Member
    Plugin Author

    Posted 1 year ago #

    Do you have a plugin which uses XML-RPC to allow external entities to login to your site?

  5. Chris Gagner
    Member
    Posted 1 year ago #

    I figured out my problem. It wasn't displaying MY ip, but rather my server's IP for ALL activity.

    That's why I was a little confused. The plugin was detecting my server's IP address, and locking out the server's ip. Quite a little issue.

    This was due to the server being setup to some sort of reverse-proxy. The same thing can happen to some people when they use cloudflare with their site.

    I was able to correct it by adding the following code to my wp-config file:

    $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"] ? $_SERVER["HTTP_CF_CONNECTING_IP"] : $_SERVER["REMOTE_ADDR"];

    Sorry for the confusion, but i was able to get it worked out. Thanks for the help.

  6. Chris Gagner
    Member
    Posted 1 year ago #

  7. wpsolutions
    Member
    Plugin Author

    Posted 1 year ago #

    Ok thanks for the update Chris.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.