Title: Brute Force Attack Issue – Please help Last modified: August 22, 2016 --- # Brute Force Attack Issue – Please help * [theyogislash](https://wordpress.org/support/users/theyogislash/) * (@theyogislash) * [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/) * Hi, I noticed when trying to log in to either of my websites, I get the following standard brute force attack message: * “This page is temporarily not available and will be available soon. Currently the wp-login.php script is under a heavy brute force attack. We have temporarily blocked access while the attack is present. Once the attack subsides access to this script will be restored. * We apologize for any inconvenience this may cause and appreciate your patience.” * I contacted my hosting company and they suggested to navigate to domain.com/wp- login_new.php * “You should be able to access your site by going to yourdomain.com/wp-login_new. php. However there is something on your site redirecting it so you are not able to visit that page.” * I asked what I should do and received this reply: * “It is being caused by something in your wordpress configuration unfortunately I do not know exactly what is causing it. There is something that is overriding the php files to not make them visible or redirecting the website” * I’m really at a loss as to what to do here… any help would be greatly appreciated. I have two sites, yogaslash.com and awakeboston.com and both are affected in the same manner. * Please help, Westhost is “unfortunately” not able to help me. Viewing 5 replies - 1 through 5 (of 5 total) * Moderator [t-p](https://wordpress.org/support/users/t-p/) * (@t-p) * [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/#post-5358328) * Not clear: * 1. Are you concerned about the brute force? * 2. OR, are you concerned about the login page temporarily not available? * For (1), try reviewing this: [http://codex.wordpress.org/Brute_Force_Attacks](http://codex.wordpress.org/Brute_Force_Attacks) * for (2), are you using some plugin that generate that message or are you using some rule in your .htaccess file that generates that message? * Thread Starter [theyogislash](https://wordpress.org/support/users/theyogislash/) * (@theyogislash) * [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/#post-5358335) * I’m concerned with both, but have read about ways to prevent the brute force attack and feel confident that I can implement them – but I need to be able to gain access first! * So, I’m concerned about the login page being unavailable. I have absolutely no idea if I am using some plugin that generates that message or if I am using some rule in my .htccess file that generates that message. I have not intentionally created anything of the kind. * Thank you for replying! * Moderator [t-p](https://wordpress.org/support/users/t-p/) * (@t-p) * [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/#post-5358344) * > I have absolutely no idea if I am using some plugin that generates that message > or if I am using some rule in my .htccess file that generates that message. * To find out, first try: * -swithing to the WP default theme with ALL plugins off. * Thread Starter [theyogislash](https://wordpress.org/support/users/theyogislash/) * (@theyogislash) * [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/#post-5358346) * Ok, I have to wait until the original /wp-admin login page is available, though, yes? How long does that usually take? * Moderator [t-p](https://wordpress.org/support/users/t-p/) * (@t-p) * [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/#post-5358347) * You dont need to login to carry out the basic troubleshooting steps. You can use FTP or whatever file management application your host provides. * Try: – Flushing any caching plugins you might be running, as well as server and/or browser caches. – deactivating ALL plugins temporarily to see if this resolves the problem. If this works, re-activate them individually (one-by-one) to find the problematic plugin(s). When you can’t get into your admin dashboard, try deactivating via [FTP or SFTP ](http://codex.wordpress.org/FTP_Clients)or whatever file management application your host provides. Also remember to deactivate any plugins in the mu-plugins folder. The easiest way is to rename that folder to mu-plugins-old. – If that does not resolve the issue, try switching to the unedited default Twenty Fourteen Theme for a moment using the WP dashboard to rule out any theme-specific issue. When you don’t have access to your admin area, you can switch to the default theme by renaming your current theme’s folder in wp-content/themes and adding “-old” to the end of the folder name using via [FTP or SFTP ](http://codex.wordpress.org/FTP_Clients) or whatever file management application your host provides. Alternately, you can remove other themes except the default theme. That will force your site to use it. Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Brute Force Attack Issue – Please help’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 5 replies * 2 participants * Last reply from: [t-p](https://wordpress.org/support/users/t-p/) * Last activity: [11 years, 8 months ago](https://wordpress.org/support/topic/brute-force-attack-issue-please-help/#post-5358347) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics