Title: iThemes Security Plugin Help Last modified: September 1, 2016 --- # iThemes Security Plugin Help * [allanlud](https://wordpress.org/support/users/allanlud/) * (@allanlud) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/) * Hi all, * I have about 30+ WordPress sites setup and pretty much all use iThemes Security. One issue I have been having recently is that I am getting quite a few emails saying that my user account has been locked out for too many bad login attempts. So obviously there is somehow someone is finding out user names on WordPress sites and trying to login with random passwords. * Anyway I can stop my user account from being locked out? I have whitelisted my IP but not sure if that is sufficient enough? * Cheers, Al. Viewing 6 replies - 1 through 6 (of 6 total) * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484155) * I suggest you identify exactly which security plugin you are using and then post in that plugin’s dedicated forum via its page in the [Plugin Repository](https://wordpress.org/plugins/). In the meantime, you could look at blocking this particular nuisance by their IP address – either by editing your root .htaccess directly or via an IP blocking plugin. * Thread Starter [allanlud](https://wordpress.org/support/users/allanlud/) * (@allanlud) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484159) * Thanks for the reply esmi, I’ll post in the iThemes Security plugin page now. * One option with that plugin is to block IP addresses but there can be so many used that a list of blocked IP addresses can become quite large and I’ve heard that this can slow down website load speed. * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484163) * So are you only getting a few dozen from each IP address? * Thread Starter [allanlud](https://wordpress.org/support/users/allanlud/) * (@allanlud) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484174) * I’ve just logged into one of the sites there and checked the logs since about the 10th of June. * There has been 4 different IP addresses trying to login as my Username, some sites probably have quite a few more. * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484182) * That’s not a great deal really. You’re always going to get scripts trying to access the login page – simply on the basis that it exists. Are you perhaps using‘ admin’ as your username? * Thread Starter [allanlud](https://wordpress.org/support/users/allanlud/) * (@allanlud) * [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484191) * No, don’t use the admin username on any site. * Another option with that plugin is to ban any user that tries to login as ‘admin’. I would have that activated on all sites. And one other option although it might be gone since the last update was to ‘hide the backend’ – login URL, so I would also change this from wp-admin to something different (but don’t seem to be able to since the last update). Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘iThemes Security Plugin Help’ is closed to new replies. * 6 replies * 2 participants * Last reply from: [allanlud](https://wordpress.org/support/users/allanlud/) * Last activity: [9 years, 12 months ago](https://wordpress.org/support/topic/ithemes-security-plugin-help/#post-7484191) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics