Still Receiving Site Lockout Reports After Renaming Login Page

  • Resolved Michael

    (@aum001)


    4 years, 4 months ago

    I have continued to receive Site Lockout Reports after renaming the login page. I have found other support posts suggesting to check both “Completely Block Access To XMLRPC:” and “Disable Pingback Functionality From XMLRPC:” of which they have been. So, I am stumped as to how people are finding the login page and how I can fix the issue.

    Is there a way for me to have the report show what page the incident occurred on? Also, how do I stop the login attempts?

Viewing 1 replies (of 1 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    I have found other support posts suggesting to check both “Completely Block Access To XMLRPC:” and “Disable Pingback Functionality From XMLRPC:” of which they have been. So, I am stumped as to how people are finding the login page and how I can fix the issue.

    You only need to enable one of the two options. Do not enable both at the same time, they server different purpose.

    When you enable Completely Block Access To XMLRPC: and you type the following yoursite.com/xmlrpc.php on the browser should see the following message 403 forbidden apparently or something similar depending on how you have set up your website security.

    If you don’t see the above forbidden message and you see the following message XML-RPC server accepts POST requests only, that means the xmlrpc.php file is still active and working in your site. That means that for some unknown reason it did not write the correct rules in your .htaccess file.

    You can read more in the following URL.

    https://mbrsolution.com/wordpress/aiowps-plugin-pingback-protection-settings.php

    Let me know if the above helps you.

    Thank you

Viewing 1 replies (of 1 total)
  • The topic ‘Still Receiving Site Lockout Reports After Renaming Login Page’ is closed to new replies.