Are attempts to log in to “admin” normal now?

  • Resolved NormanW

    (@yugogardner)


    5 years, 5 months ago

    Wordfence is working well and stopping attempts to hack the admin of my website. I changed the default settings to lockout after three incorrect attempts and to lock out for 24 hours.

    My website is a simple blog, no eCommerce, no email lists so what are they trying to do, except take over the site?

    I am getting three or four attempts to log in as an admin every day, from Europe & N America. Is this now normalised behaviour that hackers are trying to break admin passwords to get access to any site, or is there something I am missing?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @yugogardner,

    Once your site becomes visible to attackers, they can start random brute force attacks.

    The most common type of attack is to log in with common usernames/passwords (such as admin/password, administrator/password, etc).

    Even on my site, without a proper domain name, I’m getting a few people trying to login with the username admin daily.

    Note that even though your website is only a blog, once they get access to the WordPress administration panel, they can install malicious plugins that can:

    – send out malicious requests to other sites (which will use your site’s IP address)
    – install a backdoor, that will allow attackers to modify your site at any time
    – use your site to host illegal content

    So the settings you have seem to be in order (3 incorrect attempts = banned for 24 hours). It is pretty normal to get a few attempts at the login screen from time to time, and you can rest easy that Wordfence is doing its job in the background.

    Dave

    Thread Starter NormanW

    (@yugogardner)

    Thanks Dave for the information.

    I just received the WordFence activity log email. Between the 2nd and 9th September there were 740 attempts to log into the site which were blocked. Of these “admin” was tried 617 times.

    It does show that taking advice on not using “admin” or a derivative is good!

    NW

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Are attempts to log in to “admin” normal now?’ is closed to new replies.