wp_login_fails table has every failed login ever

Resolved jimoe
(@jimoe)

4 years, 1 month ago

login lockdown version 1.8.1

I installed Login Lockdown in Jan 2019. Since then it has recorded every failed login, currently almost 160,000.

There does not appear to be any way to age or mass delete the wp_login_fails table from the plugin’s settings page.

Is it okay to periodically empty the wp_login_fails table?

Viewing 7 replies - 1 through 7 (of 7 total)

Thread Starter jimoe
(@jimoe)

4 years, 1 month ago

There are also almost 17,000 entries in wp_lockdowns. Can this table be emptied as well?

mvandemar
(@mvandemar)

4 years ago

@jimoe Yes, I will try and add the interface in for maintenance for manual and automatic cleaning of those tables next release, thank you for reminding me.

-Michael

jimmycrackedcorn
(@jimmycrackedcorn)

3 years, 10 months ago

I would like this functionality as well.

Thread Starter jimoe
(@jimoe)

3 years, 10 months ago

I wrote a bash script to handle this. It have cron run the script once a week.
– It assumes ~/.mylogin.cnf is defined for authentication.
– It creates a list of busy hackers.
– It deletes entries older than 2 weeks.

cd ${DST_DIR}
#
# Get a list of the most prolific offenders,
# more than 20 attempts in the last 2 weeks.
#
filo=”$DST_DIR/lockdown-ip-count-“date +%FT%H.%M.%S“.csv”
sqlcmd=’select count(t.login_attempt_id) as ip_count,t.login_attempt_ip’
sqlcmd=”$sqlcmd from dbname.wp_login_fails t”
sqlcmd=”$sqlcmd where datediff(now(), t.login_attempt_date) < 15″
sqlcmd=”$sqlcmd group by t.login_attempt_ip having (20 < ip_count)”
sqlcmd=”$sqlcmd order by ip_count desc;”
# echo $sqlcmd
# exit 0

mysql –login-path=sohne_admin -e “$sqlcmd” > $filo
rtn=$?

# echo “mysql return value [$rtn]”

#
# Clean the database tables.
#
if [ 0 -eq $rtn ]; then
sqlcmd=’DELETE FROM dbname.wp_lockdowns WHERE 14 < datediff(now(), dbname.wp_lockdowns.lockdown_date);’
mysql –login-path=sohne_admin -e “$sqlcmd”
rtn=$?
# echo “mysql return value [$rtn]”

sqlcmd=’DELETE FROM dbname.wp_login_fails WHERE 14 < datediff(now(), dbname.wp_login_fails.login_attempt_date);’
mysql –login-path=sohne_admin -e “$sqlcmd”
rtn=$?
# echo “mysql return value [$rtn]”
else
echo “Login Lockdown data collection failed.”
echo ” Login tables not cleaned.”
fi
exit 0

LondonTiger
(@londontiger)

3 years, 8 months ago

can this table wp_login_fails have all it’s rows emptied without breaking the database?

I have a plugin called advanced db cleaner which I used to empty the table.

mvandemar
(@mvandemar)

3 years, 8 months ago

@londontiger It will not hurt anything to purge the tables.

-Michael

LondonTiger
(@londontiger)

3 years, 8 months ago

Thank you for confirming. My database balooned to 64MB since 2012. I was worried because I feared that there was a bug on the database. Luckily it was just logs on a table.

IIRC there was 900K+ failed logins, some of those wordpress brute force attacks are prolific.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘wp_login_fails table has every failed login ever’ is closed to new replies.