Support » Plugin: All In One WP Security & Firewall » Getting a lot of Site Lockout Notification

  • Hey there, I am using your great plugin on my site, and it seems like lately on a few of my websites I get a lot of “Site Lockout Notification” emails.

    I have done the following things on my sites:

    1) I have removed the wp-login.php page from my site

    2) I have changed the login page URL with your plugin (tried to cancel that as well) with the wp-login.php removed, so it should not have the option to log in

    3) Using the login_form action I have tried to break the form code for every IP outside my country

    Even with everything I did above I keep getting “Site Lockout Notification”.
    Does it make sense? Can someone try and log in to the site when there is no login page?

    Does your plugin offer any way to block access to the login page and not offer anyone the option to log in?

    At this point I have no idea what to do in order to fix that.
    Thanks

Viewing 14 replies - 1 through 14 (of 14 total)
  • @yydevelopment What is your site URL?

    Thread Starter yydevelopment

    (@yydevelopment)

    Hey, this is the URL
    https://www.fuchs-design.co.il/
    Thank you

    I can confirm that I get “unavailable” when I try to go to wp-admin, so it does look as though the rename login page functionality is working correctly.

    You will always need a login page so you will not be able to get rid of this.

    I would recommend implementing the following under Brute Force:
    1. Login White list
    2. Cookie Brute Force Prevention
    3. Honeypot

    Also, under Black list manager you can block IPs.

    Thread Starter yydevelopment

    (@yydevelopment)

    Thanks, I will give it a try and let you know if that fixed that.

    The interesting part is that the wp-login.php page is removed, so that means that the hackers are able to log in from a different place than the regular WordPress login page.

    Do you have any idea how the hackers have access to log in to the site without a login page?

    I hope the Cookie Brute Force Prevention will do the trick, as the other 2 didn’t help so far.

    I'm getting the same issue today. The only way to fix it is to disable the plugin. Maybe there's an issue with the latest update? I tried disabling site lockout in the settings then, but the same thing happened.

    When you disable the plugin, you disable the notifications. It’s likely that you are under some kind of attack, you just aren’t being notified of it.

    Thread Starter yydevelopment

    (@yydevelopment)

    Thanks for the help, it seems like so far I had above without messages.
    I have also changed the “Time Length of Lockout” to about 2 years to block repeating IPs, so that helps as well if the attacks come from the same IPs.

    By the way, does your plugin offer some kind of way to block all IPs for login but one IP? Or an IP range, or is that not something that is possible?

    Thanks again for this great plugin.

    vupdraft

    (@vupdraft)

    Yes, you can do this under Brute Force>>Login Whitelist

    Thread Starter yydevelopment

    (@yydevelopment)

    Oh great, thanks for your help, appreciate that

    vupdraft

    (@vupdraft)

    No problem

    Thread Starter yydevelopment

    (@yydevelopment)

    Hey, me again, just an update: unfortunately I had about a week of quiet time but the attacks came back, so it seems like the brute force options didn’t work.

    It seems like the hackers probably found a way to try and log in to the site outside the regular login page.

    Under Brute Force, have you tried:
    – Cookie based brute force protection
    – Honeypot?

    Thread Starter yydevelopment

    (@yydevelopment)

    Hey, I did all of the options including “Login Whitelist”; it seems like there is some kind of way to pass that.

    The best other option I had to use is to set the max login attempts to 1
    and the lockout time length to very long, so they won’t be able to get in from the same IP twice for a long time.

    In the end I gave up and removed the email notification by mail.

    Plugin Support Prashant Baldha

    (@pmbaldha)

    @yydevelopment @vupdraft There are two other ways to log in with WordPress.

    1. REST API
    2. XMLRPC

    You can disable XMLRPC on the Admin Dashboard > WP Security > Firewall > Basic Firewall Rules Tab > WordPress XMLRPC & Pingback Vulnerability Protection Section, Tick both checkboxes “Completely Block Access To XMLRPC” and “Disable Pingback Functionality From XMLRPC” and then Save Basic Firewall settings.

    Thank You
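
The last reply names XML-RPC and the REST API as login paths besides wp-login.php. The script below is an added example, not part of the thread or the plugin: it counts requests per authentication entry point in a web server access log, to show which path the lockout-triggering attempts actually use. The log lines are constructed, and the combined log format is an assumption about the server.

```python
import re
from collections import Counter

# Constructed sample lines in combined log format (documentation IPs, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2023:10:01:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-"
203.0.113.7 - - [12/Mar/2023:10:01:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "-"
198.51.100.9 - - [12/Mar/2023:10:02:10 +0000] "POST /wp-login.php HTTP/1.1" 404 150 "-" "-"
192.0.2.44 - - [12/Mar/2023:10:03:00 +0000] "POST /wp-json/wp/v2/posts HTTP/1.1" 401 120 "-" "-"
192.0.2.44 - - [12/Mar/2023:10:03:05 +0000] "POST /index.php?rest_route=/wp/v2/posts HTTP/1.1" 401 120 "-" "-"
192.0.2.10 - - [12/Mar/2023:10:04:00 +0000] "GET /about/ HTTP/1.1" 200 9000 "-" "-"
this line is malformed and must be skipped
"""

# client IP, method, request path (with query string), status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+)[^"]*" (\d{3}) ')

def classify(method, path):
    """Map a request to the WordPress authentication surface it touches, or None."""
    route, _, query = path.partition("?")
    route = route.lower()
    if route.endswith("/xmlrpc.php"):
        # XML-RPC calls are sent as POST; other methods carry no credentials.
        return "xmlrpc" if method == "POST" else None
    if route.endswith("/wp-login.php"):
        return "wp-login"
    # REST API: pretty permalinks (/wp-json/) or the rest_route query parameter.
    if "/wp-json/" in route or "rest_route=" in query:
        return "rest-api"
    return None

def summarize(log_text):
    """Return (hits per surface, hits per (ip, surface)) for parseable lines."""
    by_surface, by_ip = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed or non-request lines
        ip, method, path, _status = m.groups()
        surface = classify(method, path)
        if surface:
            by_surface[surface] += 1
            by_ip[(ip, surface)] += 1
    return by_surface, by_ip

if __name__ == "__main__":
    surfaces, ips = summarize(SAMPLE_LOG)
    for (ip, surface), n in ips.most_common():
        print(f"{n:4d}  {surface:9s} {ip}")
```

If most hits land on xmlrpc while wp-login is renamed or removed, the XML-RPC block described in the reply above is the setting that addresses them.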
