Wordfence alerts locked users (brute force)
-
Hello,
I am using WordPress 4.7 (latest) with Wordfence Plugin (free).
I’m using a htaccess file securing the wp-admin and the wp-login.php as well with a complex 15 char password.Although I get the following Wordfence Alerts from time to time:
—snip—
This email was sent from your website “XYZ” by the Wordfence plugin at Friday 23rd of December 2016 at 03:31:46 PM
The Wordfence administrative URL for this site is: https://www.example.com/wp-admin/admin.php?page=WordfenceA user with IP address 91.229.x.x has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 4. The last username they tried to sign in with was: ‘support’
User IP: 91.229.x.x
User hostname: 91.229.x.x
User location: Ukraine
—snip—It seems some folks out there are trying to login with well-known WP user accounts, which seems to be reasonable to me considering that WP is a target for many “hackers”.
It is awkward on the other side that users bypass the Apache htaccess/htpasswd mechanism – even after changing the password weekly to a really random and complex one.
So that is what wordfence is trying to tell me, right?
Are there any other login URLs apart from wp-login.php and /admin (the latter uses wp-login.php as well I assume)?Thanks,
Steve
- The topic ‘Wordfence alerts locked users (brute force)’ is closed to new replies.