[login] username failed login

  • Hi,

    I have two websites both using Wordfence and both firewalls have a lot of failed logins using the username [login] in square brackets. I have set this to immediately block. Why are hackers using this username and is there anything else I can do to block the attempt?

    I have looked for the answer on the internet but can’t find any reference.

    Thanks

Viewing 1 replies (of 1 total)

  • Bots attempting brute force attacks generally use a list of common accounts that less experienced site admins aren’t managing properly. In most cases, you’d never want accounts with generic, commonly used names like admin. I always set up a list of these under “Immediately lock out invalid usernames” in the Brute Force settings. My list is admin, administrator, manager, editor, user, demo, test, guest, ftp, operator, marketing, sales, support. Anyone attempting to sign in with these are certainly attempting a brute force attack, so they get locked out immediately.

    There’s really not much you can do other than that. Unless you either protect your login page with HTTP AUTH (additional login) or obfuscate it by changing the login URL, people will always try to brute force login. All part of the fun of running a website I suppose.

Viewing 1 replies (of 1 total)
  • The topic ‘[login] username failed login’ is closed to new replies.