it still lets people access the admin login page and then allows them to login
How are you coming to that conclusion?
Did you actually try a test using a non-whitelisted IP address to verify this?
Yes. I have a static IP at my office – thats the IP I white listed.
I then changed my IP to another part of the country and saw no difference logging in to my site.
That is the issue.
I want to try and reproduce your scenario on my test site.
Do you also have another brute force feature active together with the whitelist feature? If so which one?
Sure.
All these are active ……
Rename Login Page
Login Captcha Basic
Lost password Form Captcha
Login IP Whitelist
Honeypot
I rested just to make sure I am getting the same problem and its still is not working.
Currently I have a foreign IP
The Plugin is correctly reading my current IP as the foreign IP
I have a different IP listed in the whitelist.
I only have one IP listed in the whitelist.
happy to email you screen shots privately.
Have you asked your host technical support people as to why the apache directives for the whitelist feature are not working as they should on your server?
Hello,
I have the same issue; I hope there is troubleshooting for it.
Rename Login Page (changed recently)
Login Captcha Basic
Lost password Form Captcha
Login IP Whitelist
Honeypot
are all enabled, still a lot of failed login attempts on my site.
Why?
Has this issue ever been resolved?
I consider this a grave problem – please react soon.
Thank you!
martina
@bambambam did you enable any of the following features? They can be found under Firewall -> Basic Firewall Rules.
Completely Block Access To XMLRPC:
Disable Pingback Functionality From XMLRPC:
Regards
no, not yet, but I did now and will tell you about the developments.
thank you very much for quick response!
martina
I am having basically the same problem and just found this thread.
I am only using the options under Login Capcha (nothing else) but I also have these active under Login Lockdown:
Enable Login Lockdown Feature:
Max Login Attempts:3
Set the value for the maximum login retries before IP address is locked out
Login Retry Time Period (min):5
Time Length of Lockout (min):60
Instantly Lockout Invalid Usernames: Yes
Notify By Email: Yes
I am still recieving alerts from Sucuri of Bruteforce attacks. Even with trying Instantly Lockout invalid User Names I recieve no notification and no IP addresses go to the locked out IP address section.
Note under basic Firewall rules I have:
Enable Basic Firewall Protection: Yes
Completely Block Access To XMLRPC: Yes
Disable Pingback Functionality From XMLRPC: No
Block Access to debug.log File: No
Could you please advise?
Hi Martina, I look forward to your reply.
Regards
