problem protection attack brute force

Resolved HDcms
(@hdcms)

6 years, 8 months ago

HI,
I have been using your extension for some time.
I changed wp-admin to fight “brute force attack”
“Your WordPress login URL has been renamed.
Your new login URL is: xxxxx ”

Despite this, there are some pirates who try
“A lock event occurred because of an invalid user name or an excessive number of unsuccessful login attempts:
Username: yyy
IP Address: 197.232.36.60 ”
yyy is a good username.
How do they then that / wp-admin / is not available.

Regards

Viewing 10 replies - 1 through 10 (of 10 total)

Plugin Contributor mbrsolution
(@mbrsolution)

6 years, 8 months ago

Hi,

They might be targeting the following file xmlrpc.php. This file can be found in the WordPress root directory of your website installation. Enabling one of the following features will help you even further.

Completely Block Access To XMLRPC:
Disable Pinback Functionality From XMLRPC:

Kind regards

Thread Starter HDcms
(@hdcms)

6 years, 8 months ago

Hi,
Thank you for your answer on this extension already interesting
I already configured these 2 parameters:
* Completely Block Access To XMLRPC:
* Disable Pinback Functionality From XMLRPC:
but that does not stop them from trying!
Is there another idea?
or is it possible to automatically blacklist the ip address if more than 5 trials
Regards

Plugin Contributor mbrsolution
(@mbrsolution)

6 years, 8 months ago

Hi,

I already configured these 2 parameters:
* Completely Block Access To XMLRPC:
* Disable Pinback Functionality From XMLRPC:

You should only activate one option and not both.

Try the following test. Activate the following feature Completely Block Access To XMLRPC:, then use a different browser or log out.

What happens when you type the following in your browser?

yoursite.com/xmlrpc.php

What do you see?

Thank you

Thread Starter HDcms
(@hdcms)

6 years, 8 months ago

Hello,
Before deactivating the 2nd box, I have the display in Firefox
“XML-RPC server accepts POST requests only”

Then under Chrome, I left checked: “Completely Block Access To XMLRPC:”
I go on firefox, I have the message “404 The page can not be found.”

I feel like it’s good?

Regards

Plugin Contributor mbrsolution
(@mbrsolution)

6 years, 8 months ago

Hi,

I feel like it’s good?

Yes that is good. It means those features are working correctly.

There must be something in your site that they are targeting. Or maybe one of your other plugin is causing this.

You should really speak to your host support team. Find out why this is happening. If you know what country they are coming from, you could also block that country. This can also help.

I am also curious to know.

Kind regards

Thread Starter HDcms
(@hdcms)

6 years, 8 months ago

Hi,
Thank you very much and I tell everyone.
I have not seen the country where the attacks come from?
Regards

Plugin Contributor mbrsolution
(@mbrsolution)

6 years, 8 months ago

Hi,

I have not seen the country where the attacks come from?

You might be able to do an online trace through one of the free online tools available.

Regards

nylana
(@nylana)

6 years, 8 months ago

bonjour,

j’ai le même problème depuis quelques semaines avec plusieurs sites. Des pirates arrivent à avoir accès à la page admin même en ayant mis des mots de passes complexes, activer brut force et complètement bloquer l’accès à XMLRPC. Y’a t-il un bug au niveau du plugin?

Thread Starter HDcms
(@hdcms)

6 years, 8 months ago

Bonjour,
Non pas de bug. Il ya plusieurs moyens de se connecter. Pour moi cela a été résolu en appliquant ce qu’il dit

Plugin Contributor mbrsolution
(@mbrsolution)

6 years, 8 months ago

@hdcms, is your issue resolved? If it is you might like to close this support thread.

Thank you

Viewing 10 replies - 1 through 10 (of 10 total)

The topic ‘problem protection attack brute force’ is closed to new replies.

Tags