Hi @werbewelten, thank you for reaching out. Kindly check the raw details of the lockout notification log to determine the URL where the lockout was triggered, the IP address of the attacker, etc. To increase the chances of a lockout, you can reduce the Max Login Attempts Per Host in the Local Brute Force Protection settings and decrease the Ban Threshold in the Global Settings to increase the likelihood of a ban.
If you have an active support subscription for iThemes Security Pro, kindly submit a ticket from your Member Panel.
Hi @werbewelten,
Is there a possibility to reduce the attacks? How did the attacks come about?
Yes, there definitely is a way.
Brute force attacks are usually performed on easy targets. It seems your site belongs to the low hanging fruit on the internet.
So hardening your site will go a long way in preventing brute force attacks.
Below are some iTSec plugin suggestions for your site:
- Disable xmlrpc (if possible).
- Restrict access to the REST API.
- Enable the Hide Backend feature.
- Enable the Force Unique Nickname and Disable Extra User Archives settings in WordPress Tweaks (if not already).
Last piece of advice:
Update your current/outdated iTSec PRO (7.0.3 – 2021-08-10) plugin release to the latest release (7.2.2 – 2022-10-11).
+++++ To prevent any confusion, I’m not iThemes +++++
Hi @werbewelten, I hope the information provided helped resolve the issue. Since we haven’t received a response, I’ll mark this post resolved. If you still need assistance, feel free to open a new support topic, and we’d be happy to assist. Thank you!