Hackers finding login page with random URL

  • andyp3498

    (@andyp3498)


    1 year, 7 months ago

    This is a topic I have looked up before. I have noticed multiple posts, but zero answers. The URL for my wordpress site is just a random set of characters, but I am repeatedly getting notifications of failed login attempts and IP’s being blocked by my plugin. The plugin I use has a premium option you have to pay for, and there is a link to this in the notification e-mail’s. The cynic in me thinks the creator of the plugin is generating these reports of failed logins to make money from premium sign-ups. Any less cynically reasons people are finding my login page would be gratefully received. I don’t even know why anybody would hack my site. Its just a little blog

Viewing 2 replies - 1 through 2 (of 2 total)
  • gytisp

    (@gytisp)

    1 year, 7 months ago

    Your websites random name does not offer any level of protection from bots, they can look up recent domain registrations(this seems to have an entire industry in places like India), Search tool indexes and many other public resources.

    What you could try is hiding(changing) your admin URL or setting up a firewall to only allow admin logins from the IP’s which you specify. The WordFence plugin should have majority of such features.

    Your concern regarding the plugins dev sending false positives can be easily dismissed by cross-checking your servers access logs

    • This reply was modified 1 year, 7 months ago by gytisp.
    Thread Starter andyp3498

    (@andyp3498)

    1 year, 7 months ago

    Thank you for your suggestion. I’ve enabled the plugin suggested and added 2FA. I will look at some of the other features too. Hopefully that will give me the required protection.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hackers finding login page with random URL’ is closed to new replies.