Plugin Support
WFAdam
(@wfadam)
Hello @tdemo99 and thanks for reaching out to us!
Could you share a screenshot of your Brute Force Protection settings listed in Wordfence > All Options > Brute Force Protection? I would like to review them.
The username field should also capture email address attempts and treat them as usernames. So if one IP attempted to hit a site with 7 emails, in your case, it should lock the IP out.
Thanks again!
hello @wfadam
Image Brute Force Protection settings
Q1 : Wordfence block IP feature work.
1 => when user 7 time hit same email like abcd@gmail but password every time different then block my IP?
2 => when user 7 time hit different email and different password then block my IP
3 => when user 7 time hit username then block my IP this case work properly only email address time not work properly. So please provide solution.
-
This reply was modified 5 years, 2 months ago by
tdemo99.
Plugin Support
WFAdam
(@wfadam)
It should be every attempt against a single username/email address will count an incorrect login attempt. Regardless of the password that was attempted.
So in your testing, as an example, you’re trying to log in as “user” 3 times then that account email “[email protected]” 4 times, which should cause a lockout on that IP. Is that not what is happening?
Could you provide additional details?
Thanks again!
@wfadam
Yes, doesn’t work above case => “ So in your testing, as an example, you’re trying to log in as “user” 3 times then that account email “[email protected]” 4 times, which should cause a lockout on that IP. Is that not what is happening?“
Q1: my above setting is proper or not?
Q2: why not work the above cases IP block feature?
Plugin Support
WFAdam
(@wfadam)
I am sorry if I am not understanding, but it looks like your brute force protection settings are set up correctly for how you explained you wanted it.
I am not sure what the problem you’re having is. If you could explain in more detail, I would appreciate that!
Thanks again!
@wfadam
AS I understood the @tdemo99 asked that he has tried to log in with the wrong email address 7 or more times. So in that that case, the workfence should be block his IP but wordfence can’t blocked his ip.
But he has tried to login with wrong username in 7 time then wordfence blocked his IP.
So the question is the block IP feature will worked for both username and email or only username?
Thanks.
Plugin Support
WFAdam
(@wfadam)
@divyeshk71 It should work with either combination. For example:
Say my username and email on the site http://www.example.com is:
Username: wfadam
email: [email protected]
If your attempts are set to 5 in Brute Force Protection, then I attempt to Login as such:
Login Attempt 1 – wfadam
Login Attempt 2 – wfadam
Login Attempt 3 – [email protected]
Login Attempt 4 – wfadam
Login Attempt 5 – [email protected]
I should then be blocked. It’s based on 5 incorrect logins from an IP address.
Hope this helps!
Ok @wfadam
But when we have tried to same with only email (Ex:[email protected])(Not used any username) but wordfence doesn’t blocked my email after 7 time.
Can you Please check only email address [email protected] (Not used any username) for block IP feature.
-
This reply was modified 5 years, 2 months ago by tdemo99.
Plugin Support
WFAdam
(@wfadam)
Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.
I want to view your tables to make sure they look correct. I will also be able to test your login page then.
Thanks again!
Hello @wfadam
I have sent the diagnostic page report. So please check. I will wait for your reply.
Plugin Support
WFAdam
(@wfadam)
Sorry for the delay!
The tables seem to be ok but that doesn’t mean they are.
A complete re-install of Wordfence might be a good step. It’s always best to make a backup of the site and database before installing/removing plugins, just to be safe.
Additionally, you can backup your Wordfence settings via the Export option. Navigate to Wordfence > Tools > Import/Export Options and click Export. You can also take note of the current Whitelisted URLs you have in Wordfence > Firewall > All Firewall Options > Whitelisted URLs as these are NOT included in the Import/Export, and will be lost during the re-install.
Here is what is exported: https://www.wordfence.com/help/tools/import-export/
During the export, you will be given a long string of text. Keep this safe, you’ll need it in a few minutes.
After that, enable the option to Delete Wordfence tables and data on deactivation in All Options > General Wordfence Options. You will want to remember to disable this after you reinstall Wordfence again.
After you enable that option, you can deactivate Wordfence from the Plugins area of your site, then delete it. Next, from the plugins area, search for and re-install Wordfence like normal.
It will be like setting Wordfence up for the first time. You will need to enter an email address, and then go into Tools > Import/Export Options and paste that string of text into the Import Wordfence Options field and click the button there.
The firewall will be in Learning Mode by default for 7 days. I would recommend switching this to Enabled and Protected as soon as possible.
Let’s see if this resolves the issue.
Thanks again!
