Support » Plugin: WPS Hide Login » How are people still finding me to attack me

  • Hi. I’m no expert, and JUST started using this plugin on a few of my sites. For several days, I had no brute force attempts and thought this was really hiding things – but yesterday, on 2 of my sites, I was warned by Wordfence of many attempts at hacking 3 of my sites.

    Can someone explain how that happens? How, if I’ve hidden my admin address, are they finding the way to get in?

    Any help would be appreciated. Thank you.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author NicolasKulka

    (@nicolaskulka)

    I do not know where it can come from.

    Do you check the box, so that users can register?

    I advise you to change the login URL.

    Thread Starter SGans

    (@aym4t)

    Thank you, for your prompt response.

    I have changed the URL, but I can’t use the box for registered users. more than one of my sites is a shop, and I need people to be able to see content and purchase content ( although, the listed aboutyourmacintosh.com isn’t – however, that’s only 1 of 3 sites that got attacked). The attacks were blocked by Wordfence, but it’s impossible to find the time to change the login URL for all sites, whenever someone hits it.

    I simply can’t understand how I’m being found to be attacked, considering the URL’s I’m choosing aren’t easy at all.

    Any further suggestions would be very much appreciated. Thank you.

    Plugin Author NicolasKulka

    (@nicolaskulka)

    There must be a plugin on your site that gives the login URL by any means

    Thread Starter SGans

    (@aym4t)

    Thanks again for the response. Almost all of my plugins are intended to hide that information, not share it. At least that’s what they say they do. Can you think of a plugin (all of which are from the WordPress.org plugin site) that may expose my login to the public?

    I do get fewer attacks with your plugin, but can’t imagine what could possibly be approved by WordPress that would actually GIVE out the login info to anyone…

    Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘How are people still finding me to attack me’ is closed to new replies.