Login Security Solution
False Brute Force Detection (2 posts)

  1. shinerweb
    Posted 3 years ago #

    I'm seeing an issue with a couple of plugins but the most repeatable one is the "UpdraftPlus - Backup/Restore Version"

    The daft thing is, the error messages I am seeing don't actually make any sense.

    Your website, "xxxxxxxxxx", is undergoing a brute force attack.
    There have been at least 0 failed attempts to log in during the past 120 minutes that used one or more of the following components:
    Component Count Value from Current Attempt
    ------------------------ ----- --------------------------------
    Network IP 0 xxx.xxx.xxx
    Username 0 'xxxxxxxxxx'
    Password MD5 0 xxxxxxxxxxxxxxxxxxxx

    There are no failures recorded in the table "xxx_login_security_solution_fail" either.

    So I'm struggling to work out (1) was there an error condition, and (2) what was the actual error?

    The logs show that there were 0 attempts
    All the counts were 0
    It was the main admin account logged in from a fixed IP address.
    And nothing was recording in the 'login failed' table, so there wasn't any history.

    The plugins this seems to effect are ones which have 'long execution' times. i.e in this instance, the back up process takes a finite time to complete and continually updates the user as to the status of the back up process, but we are only talking a few minutes (2-3 worst case).
    But the thing that confuses me is nothing being logged?
    Once detected though, it does cause the pages to load much much slower, which is impacting the running of the plugin itself (and fires off a bunch of emails under certain conditions, or 1 if I set it to ignore).

    Is there anything else I should be looking at to see what is causing the failure?




  2. Daniel Convissor
    Plugin Author

    Posted 2 years ago #

    Hi Chris:

    Very strange. I don't know what could be going on. You'll have to debug it on your system to know. There are many debug statements inside login-security-solution.php. Uncommenting and examining the log file may provide some clues.



Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Login Security Solution
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic