Support » Plugin: Wordfence Security - Firewall & Malware Scan » WordPress locks out anyone using wrong user name when it isn’t supposed too

  • Resolved Starhorsepax2

    (@starhorsepax2)


    I have it set to block certain user names and allow 7 failed login attempts. But now suddenly it blocks all user names that aren’t on site on the very first attempt. I am getting blocked from sites I need to work on due to something as stupid as a typo. It doesn’t give a second chance, it just instablocks for hours!

    Is this a bug? Some new setting that was never on default before? It should only be blocking admin and the name of the site as logins on these sites, never just random ‘oops I have a typo in the user name!’

    There are no other security plugins on site. In fact there are hardly any other plugins on site at all. Whatever this is, it just started in the last 2 weeks.

    • This topic was modified 1 year, 2 months ago by  Starhorsepax2.
    • This topic was modified 1 year, 2 months ago by  Starhorsepax2.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Hi.

    It sounds like you’ve enabled the Wordfence option “Immediately lock out invalid usernames”. It’s not a new setting and it’s not on by default. I tested it just now to make sure. In a fresh install, the option is off. If you haven’t enabled it yourself there are two possibilities

    – Someone else enabled it
    – Wordfence settings were imported from a site where the option was enabled

    Hope that helps!

    Hi @starhorsepax2

    Since we haven’t heard from you for a while I’m going to go ahead and resolve this thread. If you have any other questions or concerns, don’t hesitate to open a new one.

    Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘WordPress locks out anyone using wrong user name when it isn’t supposed too’ is closed to new replies.