Title: Illogical system message
Last modified: August 30, 2016

---

# Illogical system message

 *  Resolved [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/)
 * I don’t have a user called “admin”. This is also marked in green in the Critical
   Feature Status panel. I also use a renamed login page.
 * Now I get an email saying this in Swedish:
    På grund av alltför många inloggningsförsök
   eller felaktiga användarnamn, är **du** blockerad: Username: admin
 * Quick translation: … too many login attempts… **YOU** are blocked.
 * I can understand that this was not me but it’s strange semantics since the WP
   plugin should know I’m not using such a user name.
 * Further more… the site has been handed over to my client who knows nothing about
   these things. My client will not understand this message and think he is blocked.
 * And what about the renamed login page? I use a Swedish word and it was activated
   a month ago. Is it reasonable to think that hackers brute forced this word in
   so short timespan? Should I change it again?
 * [https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/](https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/)

Viewing 14 replies - 1 through 14 (of 14 total)

 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6317973)
 * Hi, can you change the secret word to something different. Report back if you
   still get the same error message. Can you also confirm that you don’t have any
   other security plugin? Is this a membership site? If it is, do you know if there
   are any members with an admin name?
 *  Thread Starter [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6317976)
 * There are only two users, me and my client. It’s not a membership site. No other
   security plugins are used.
 * I received 3 emails but i changed the secret word now.
 * What about the language in the message? Bad translation or the same problem in
   English?
 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6317985)
 * Your translation in English is very good 🙂
 *  Thread Starter [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6317989)
 * I’m not referring to the translation I did in my message.
 * I’m asking about the general usage of the word “you” in these messages. Clearly
   I wasn’t the one doing bad login attempts so why does the email say that I have
   been banned?
 * It should say something like this instead:
    This user has been banned: Username:
   admin
 * So my question is if this is more clear in the original English message or if
   it’s a general problem (you should look into)
 * – – –
 * Further more … I just mentioned that I changed the secret word but I have now
   received two more emails since then.
 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318029)
 * Hi, sorry for misunderstanding your original question above. I now understand
   what you mean. One of the plugin developers will look further into your question.
 * Regards
 *  Thread Starter [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318085)
 * I took a look at my hosts support site. They have reported two DDos attacks –
   one yesterday and one today. These events happened approximately the same time
   as the
    warning emails. So it definitely looks connected.
 * I can still not understand how something can trigger the login warning when I
   use a 12 character long secret word for that page.
 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318092)
 * Hi, check to see if you have the following enabled. Go to **WP Security -> Firewall-
   > Basic Firewall Rules**, locate the following **Enable Pingback Protection:**.
   Disable this option if it is enabled. Make sure you read the help information
   about this option by clicking on the **More Info** link next to this option.
 *  Thread Starter [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318094)
 * This setting is not activated.
 * The DDos attack was “averted and operation restored to normal” 3 hours ago according
   toe the support blog but I’ve seen 5-10 emails since then too.
 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318095)
 * Have you performed a file scan detection using the following tool under **Scanner**?
 *  Thread Starter [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318115)
 * No I haven’t used that feature.
 * I noticed these things:
    – The cache plugin was caching the login page. I excluded
   that page and change the secret word again. – In the level above the site root
   there is a folder called logs. I downloaded this folder and searched for the 
   secret word and could see it in the logs. – I changed the FTP password
 * The emails are still rolling in though…
 *  Plugin Contributor [wpsolutions](https://wordpress.org/support/users/wpsolutions/)
 * (@wpsolutions)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318117)
 * > Is it reasonable to think that hackers brute forced this word in so short timespan?
   > Should I change it again?
 * I don’t think they have guessed your secret word.
    Try setting “Enable Pingback
   Protection” in firewall menu.
 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318118)
 * [@max](https://wordpress.org/support/users/max/) Beta sorry I meant to type enable
   like [@wpsolutions](https://wordpress.org/support/users/wpsolutions/) mentioned.
   I just read my post and realized I provided the wrong information. I must have
   been thinking about something else not realizing I was giving you the wrong information.
   Sorry about that…:(
 *  Thread Starter [Max Beta](https://wordpress.org/support/users/max-beta/)
 * (@max-beta)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318138)
 * I remember now. You mentioned this before and it breaks the WP iOS app. I’m not
   using the app very much but the problem is that when I want to use it next time
   several month have passed and I’ve forgotten all about this relation and will
   spend unnecessary time trying to fix that problem.
 * For me it would be good if the main panel in WPS said something about the app
   problem if this setting is activated.
 * – – –
 * I have activated it now so we’ll see if there’s any improvement the next hour
   or so.
 * I don’t understand much of these things but as a layman it sounds like if WP 
   is pinging out my hidden login page?
 *  Plugin Contributor [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * (@mbrsolution)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318309)
 * I am marking this thread as resolved. No replies in 7 months.
 * Thank you

Viewing 14 replies - 1 through 14 (of 14 total)

The topic ‘Illogical system message’ is closed to new replies.

 * ![](https://ps.w.org/all-in-one-wp-security-and-firewall/assets/icon-256x256.
   png?rev=2798307)
 * [All-In-One Security (AIOS) – Security and Firewall](https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/)
 * [Active Topics](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/all-in-one-wp-security-and-firewall/reviews/)

 * 14 replies
 * 3 participants
 * Last reply from: [mbrsolution](https://wordpress.org/support/users/mbrsolution/)
 * Last activity: [10 years, 3 months ago](https://wordpress.org/support/topic/illogical-system-message/#post-6318309)
 * Status: resolved