iThemes Security (formerly Better WP Security)
[resolved] Large Amount of Bad Login Attempts (3 posts)

  1. allanlud
    Posted 2 years ago #

    First of all I just want to say - great plug-in.

    I guess this is more of a general question, but, I have Better WP Security plug-in installed on about 6-8 websites. Only one of those is a complete WordPress site, other have a 'blog' page on the site.

    Anyway, yesterday (afternoon) when I had checked the full WP site, it had 1350 bad login entries, today (morning) it has 3280, does anyone know why it's getting so many. Any of the other sites either have none, or less than 10. I've added quite a few IP addresses to the Ban list at this stage.



  2. Handoko
    Posted 2 years ago #

    I never have such huge amount of login attempts, but I think it is normal. Random attack from hackers. If your website is more popular, you may get more attacks.

    Using the ban list feature is very useful to stop keep coming back IPs. You may also need to tighten your login security when your site get lots of login attempt:

    1. Goto menu > Security > Login Limits.
    2. Set the Max Login Attempts Per Host low, for example: 3.
    3. Set the Login Time Period high, for exampe: 600.
    4. Set the Lockout Time Period high, for example: 1200.

  3. allanlud
    Posted 2 years ago #

    Thanks for the reply Handoko. I had checked it a few days ago and it was over 5000, but the site doesn't get that much traffic.

    I'll take the steps you pointed out above.


Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic