Wordfense warning email

  • characte

    (@characte)


    5 years ago

    I don’t know how to supply a link above so am just trying to explain without it.

    Every day I get this message from Wordfence:

    This email was sent from your website XXXXX by the Wordfence plugin at Sunday 23rd of May 2021 at 02:18:32 PM
    The Wordfence administrative URL for this site is: XXXXX
    A user with username “admin” tried to sign in to your WordPress site. Access was denied because the password being used exists on lists of passwords leaked in data breaches. Attackers use such lists to break into sites and install malicious code. Please change or reset the password XXXX to reactivate this account.

    Learn More:XXXX
    User IP: 23.250.11.42
    User hostname: ns1.wizkidhosting.com
    User location: Buffalo, New York, United States`

    So every day I change the password. And the next day I get the same message with a different user host name and location.

    My new password is always random and I cannot understand how it is being breached.

    I would value some advice.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    5 years ago

    No one is actually logging in. What the message is telling you is that an attempt was made to login to your site with the user id “admin”, NOT that it was successful. In addition, it’s telling you that the password used was on a list of common passwords for “admin”, NOT that it’s the password for the “admin” user on your site.

    It’s generally a good idea not to use the user id “admin” on your site because it’s such a target. If you have an “admin” user, make sure you have a really strong password and consider adding a new user with admin capabilities, then removing the existing “admin”.

    Bottom line: No one has logged in to your site with the userid “admin”.

    I recommend asking at https://ww.wp.xz.cn/support/plugin/wordfence/#new-post so the plugin’s developers and support community can help you with this.

    Thread Starter characte

    (@characte)

    5 years ago

    Oh, thank you, I was so worried. This is very helpful and I appreciate your time.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Wordfense warning email’ is closed to new replies.