Keep getting lockdown notifications although wp-login.php is protected

  • Resolved guvenck

    (@guvenck)


    7 years, 10 months ago

    Hello,

    I have AIO WP Security installed and have the Login Lockdown feature enabled.

    Besides, I have auth protected the wp-login.php file with a strong user/password combination. I use Apache.

    From time to time, I get Site Lockout Notification emails like this one:

    A lockdown event has occurred due to too many failed login attempts or invalid username:
Username: admin
IP Address: 185.143.223.162

IP Range: 185.143.223.*

Log into your site's WordPress administration panel to see the duration of the lockout or to unlock the user.

    How is this possible? The user is not expected to pass the Apache Authentication, how can he/she try to login to WordPress?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    7 years, 10 months ago

    Hi @guvenck,

    How is this possible? The user is not expected to pass the Apache Authentication, how can he/she try to login to WordPress?

    Short answer – most probably because they are targeting xmlrpc file.
    See my explanation and tips for how to mitigate here.

    Thread Starter guvenck

    (@guvenck)

    7 years, 10 months ago

    Thank you for your answer!

    How can I check if I have any xmlrpc requests? Is there a way to monitor them? I don’t want to break anything if I have any.

    Regards!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Keep getting lockdown notifications although wp-login.php is protected’ is closed to new replies.