Bybe
Forum Replies Created
-
Hi,
Thank you for the prompt response.
The issue with 2FA it doesn’t stop attempt login attempts. The brute force feature is a must and works very well, but with thousands of IP addresses attempting daily, it does cause a lot of server-side requests.
Rate limiting is also a useful feature, but that’s on the assumption one particular IP address is attacking, and even with throttles, an attack of thousands of bots still adds up thousand of server-side requests.
Please do forward my suggestions. These particular bots often follow word lists and use the most common logins, such as Admin, administrator, Administrator, adminwp, Adminwp, admin1, Admin1, etc, and having to fill them in twice because they are case sensitive is time consuming, causes clutter etc. A simple admin* should be a feature to block all of those attempts, and ban that BOT before it even gets throttled, or brute force blocked.
Even with brute force attacks, using low numbers, and setting a low ban of 5 attempts with lockout, 1,000 ip addresses is 5,000 attacks.
I know you also have the feature where you can simply ban users that do not exist, problem with this it can be cumbersome for real users, and the idea of unblocking through the URL feature is something I don’t personally like.
Again, thanks for getting back to me, and hope the feedback team does consider allowing * wildcards, and option of applying ignore case sensitive on usernames when adding bad usernames.
Kind regards.
- This reply was modified 3 years, 9 months ago by Bybe.
Forum: Fixing WordPress
In reply to: Page DeletedThis might be silly and obvious but have you checked your trash bin in WordPress?
Forum: Fixing WordPress
In reply to: Logo won't remain static in header spaceYour very welcome! have a good week!
Forum: Fixing WordPress
In reply to: Upload media difficultiesWell wp_cron is a normal file provided with WordPress, itself isn’t suspicious but you may have something attempting to do something it wasn’t designed to do, or something is attempting to exploit it.
Your need to figure out what is causing it, a great start would be to check your template files and then your plugins.
Forum: Fixing WordPress
In reply to: Linking a word in my Page to a CategoryWhat’s your site address?
Forum: Themes and Templates
In reply to: Custom field, loop and paginationMost questions that receive little or no responses is normally due to the fact they are in the wrong category or because the question is someone what complex or populated with lots of text. Personally, while not a moderator here I would recommend that you try and make your question shorter with only the information people need. People, generally like to skim read and if there’s a lot of text they may not even read it at all.
While the support is generally good on WordPress.org there are many other places you could seek advice, i.e WordPress Stack but ensure you read their rules too, to avoid disappointment.
Forum: Themes and Templates
In reply to: May be Malware attacksSucuri sadly doesn’t find everything. Sometimes your need to do checks yourself. I recommend using Google and reading through some guides.
On the top of my head the places I would check is in your
1.
.htaccess
2.header.php
3.footer.php
4index.phpForum: Fixing WordPress
In reply to: why all my post links getting nofollow'edIf using cPanel then you can use the file manager, or if you have access via FTP/SFTP then that will do too. Best speak to your host if your unsure what you have access to.
Forum: Fixing WordPress
In reply to: New domain name, new blog, broken imagesNot using the .htaccess can cause your URLS to change so bare that in mind. It may add index.php to your address which is not great for search engine friendly URLS.
For example your contact page uses
www.kindful.co/?page_id=38and it would be better to usewww.kindful.co/contact-us/. When people link to your site they know what the page is about before clicking…?page_id=38does not do this.Your better of removing what ever was the issue in the .htaccess rather than simply renaming it and in effect removing everything.
Forum: Fixing WordPress
In reply to: Portfolio struggles1. Click Posts
2. Over over the article you want to edit then click EDIT
3. Click add media button above the article
4. Click dropdown buttonlink toand change toCustom URLForum: Fixing WordPress
In reply to: Update to wordpress 4.3 and website not appearSadly I agree with Juggledad, not enough information, it could be one problem or many, who knows…
Forum: Themes and Templates
In reply to: [Tempera] how to open each post in new tabDid you manage to narrow it down? what was causing it?
Forum: Fixing WordPress
In reply to: The symbol "–>" appears below my footerManage to fix it?
Forum: Fixing WordPress
In reply to: Two Issues – "Contact" Link Inactive / Header Font ResizeThink you have a wide range of problems with the theme your using.
Are you sure that the featured images are being displayed on the blog posts and not the blog index. I don’t see how it could be since its not being called.