Immediately Block Username Not Working?

  • Resolved hftobeason

    (@hftobeason)


    5 years, 6 months ago

    I have added “Admin” to the “Immediately block the IP of users who try to sign in as these usernames” list. However, “Admin” attempts to log in to my site regularly – multiple times a day, often in bursts. I’m assuming I’m doing something wrong, but I can’t figure it out. Any advice most appreciated. TIA.

    WordFence Free Version 7.4.11
    WordPress Version 5.5.1

    • This topic was modified 5 years, 6 months ago by hftobeason.
    • This topic was modified 5 years, 6 months ago by hftobeason.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter hftobeason

    (@hftobeason)

    5 years, 6 months ago

    Screenshots of my site:

    Block Settings

    Login Attempts

    • This reply was modified 5 years, 6 months ago by hftobeason.
    • This reply was modified 5 years, 6 months ago by hftobeason.
    Plugin Support wfpeter

    (@wfpeter)

    5 years, 6 months ago

    Hi @hftobeason, thanks for your messages and screenshots to help us get started.

    Firstly, I think it’s worth checking that Wordfence > All Options > Brute Force Protection > Enable brute force protection is in the ON position above the “Immediately block the IP of users who try to sign in as these usernames” section.

    I would secondly ask you to check that Wordfence > All Options > Rate Limiting > Enable Rate Limiting and Advanced Blocking is switched to ON also. Once in that section, as these attempts seem to be happening every 20 minutes or so, increase the amount of time in the “How long is an IP address blocked when it breaks a rule” dropdown as you see fit.

    Let me know how you get on!

    Thanks,

    Peter.

    Thread Starter hftobeason

    (@hftobeason)

    5 years, 6 months ago

    Thank you for your reply.

    Both Enable brute force protection and Enable Rate Limiting and Advanced Blocking were ON already.

    Brute Force

    I changed How long is an IP address blocked when it breaks a rule from 1 hour to 1 day.

    Rate Limiting

    Plugin Support wfpeter

    (@wfpeter)

    5 years, 6 months ago

    Hi @hftobeason, that looks good so thanks for checking those details.

    The login attempts that you originally showed me should now be greatly reduced. Keep an eye on the logs and let us know if that is indeed the case.

    Thanks again,

    Peter.

    Thread Starter hftobeason

    (@hftobeason)

    5 years, 6 months ago

    Judging by this WordFence Activity email update I just received, it sure seems like things are working as expected:

    Update

    It also looks like adding “admin” with a lower-case “a” helped – I had originally just added “Admin” to the block list, since that’s what was showing in my User Activity Log – but I think the log may be auto-capitalizing the usernames…

    • This reply was modified 5 years, 6 months ago by hftobeason.
Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Immediately Block Username Not Working?’ is closed to new replies.