• tgtis

    (@tgtis)


    I have about ten self-hosted WP sites. Some on Siteground, and the rest on inmotionhosting.com. I’ve installed the free version of WordFence and set the lockout to two months for invalid login attempts. This gives me plenty of time to permanently block those offending IPs and user names.

    Occasionally, I will see an attempted login using my username from another IP where they request a password reset. The process fails and I’m notified. I always camouflage my username with the site name in settings.

    I’m trying to keep the sites secure. How are they capturing my login name?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Please provide a link to your site.

    Thread Starter tgtis

    (@tgtis)

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Well, WordFence is blocking my access to your site, so I can’t look to see if your user ID is being used. It may be that it’s used as the author of a post, or it shows up in your sitemaps. However, knowing your user ID is not a security issue. That’s why you have a password! Use a strong one and, if you’re concerned, also use two-factor authentication. You can turn that on in Wordfence, since you already have that plugin installed.

    Thread Starter tgtis

    (@tgtis)

    As I see offending IPs, I block them permanently. If I see many coming from the same subnet, I’ll block the entire subnet if it looks like it’s in a country or state where my client doesn’t do business.

    If you want to send me the first three octets of your IP, I’ll open it up for you.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    No thanks. These are bots that are trolling across the net. Odds are they’re not after you, they’re just walking down the street pulling on doorknobs to see what’s locked and what’s not. That said, yes, if you don’t do business in a country, blocking IP ranges is not a terrible idea. However, blocking a big chunk of Chicago because a bot or compromised machine tried to access your site is a bit much. I think you’re overreacting.

    The People in Charge (PIC) at WP adamantly insist that user name is not a security issue. I disagree, so https://wordpress.org/plugins/edit-author-slug/ The PIC also disparage obfuscating the login URL, again I disagree so https://wordpress.org/plugins/wps-hide-login/ You might also consider a reCAPTCHA on your login page. If your site uses Cloudflare you have additional options like a JavaScript challenge. I’m not a big fan of 2FA – I worry about losing my phone – but it is extremely effective and has the PIC stamp of approval. Strong unique PW is of course essential.

  • The topic ‘Hackers finding my username’ is closed to new replies.
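
Added example, not part of the thread and not code from WordPress or any plugin: a self-audit that checks saved copies of your own site's pages and sitemaps for author-archive URLs (`/author/<slug>/`) whose slug matches a login name, the two exposure paths the moderator mentions. The sample documents, login names and the `to_slug` approximation of how WordPress derives a slug from a login are assumptions made for illustration.

```python
import re

# Default WordPress author-archive permalinks look like /author/<slug>/
AUTHOR_URL = re.compile(r"/author/([A-Za-z0-9_.%-]+)")


def to_slug(login: str) -> str:
    """Rough approximation (assumption) of the slug WordPress derives from a login."""
    return re.sub(r"[^a-z0-9_]+", "-", login.lower()).strip("-")


def public_slugs(text: str) -> set:
    """All author slugs that appear in author-archive URLs inside one document."""
    return {slug.lower() for slug in AUTHOR_URL.findall(text)}


def audit(logins, sources):
    """Map each login to the labels of the saved documents that expose it.

    sources: {label: document text}, e.g. a saved post page and a saved sitemap.
    An empty list means the login was not found as a public author slug.
    """
    found = {label: public_slugs(text) for label, text in sources.items()}
    return {
        login: sorted(label for label, slugs in found.items()
                      if to_slug(login) in slugs)
        for login in logins
    }


# Constructed sample input: a users sitemap and a post byline.
SAMPLE_SOURCES = {
    "users sitemap": (
        "<urlset><url><loc>https://example.com/author/siteadmin/</loc></url>"
        "<url><loc>https://example.com/author/jane/</loc></url></urlset>"
    ),
    "post page": '<span class="byline"><a href="/author/jane/">Jane</a></span>',
}

if __name__ == "__main__":
    # "siteadmin" is exposed; "hidden-login" has a different public slug ("jane").
    for login, where in audit(["siteadmin", "hidden-login"], SAMPLE_SOURCES).items():
        print(login, "->", where or "not exposed in these documents")
```

A login that comes back with an empty list here is one whose public author slug differs from it, which is the outcome a changed author slug is meant to produce.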