Support » Plugin: Wordfence Security » How to block/ban immediately if someone uses 'admin' as user ?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Perhaps you can write specific rules in .htaccess (in root of this site, not root of all hosted sites!) to prohibit access to certain web visitors (for example, all but you) Example:

    Order Deny,Allow
    Deny from all
    Allow from 111.111.222.333

    Check this out:
    https://httpd.apache.org/docs/2.0/mod/mod_access.html

    I have an a setup like that blocking 9 countries. my .htaccess is 1mb and i am still getting different countries trying to use admin to log in ever sec to 3 times a sec, under different ips

    Not many people use admin after they set up their WordPress. There should be a way to block people from ever using this user name.

    I don’t see any block rule there based on user ‘admin’. All I need is to block each time someone tries ‘admin’ .

    I believe this plugin stops anyone using the “admin” username:

    http://wordpress.org/plugins/stop-spammer-registrations-plugin/

    Agreed, the option to immediately ban anyone using ‘admin’ as an attempted username would be good? Presumably no-one uses ‘admin’ as their admin login name do they? So it’s just the brute force attacks that try it, so surely then an ideal indication of an IP address that should be blocked straight away. No?

    On the other hand, there is the ‘immediately block IP using a username that doesn’t exist’ option (paraphrasing, but it’s called something like that). That immediately blocks IP trying their luck with an admin login for me as I have no user called admin. So maybe that is the solution?

    Regards, James

    In the Wordfence options

    Login Security Options
    Immediately lock out invalid usernames

    is already there. If you don’t have an admin user there’s no feature needed.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘How to block/ban immediately if someone uses 'admin' as user ?’ is closed to new replies.