Getting “user locked out” notifications…but I changed my login URL. how?

  • Resolved D H

    (@darrenholmes)


    3 years, 11 months ago

    I’m getting one of these kinds of messages every week or so:

    “A user with IP address 5.188.62.76 has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 10.”

    I was getting this a lot, so several months ago I changed my url login from wp-admin to something else. So when you go to wp-admin you get bounced to a page that says NO. There’s no form on the page.

    wp-login.php goes to 404.

    Page accesses for my new login page are zero.

    So what I’d like to know is: How is this happening? No one is hitting my new login page. And wp-admin bounces to a static page with no form input.

    • This topic was modified 3 years, 11 months ago by D H.
    • This topic was modified 3 years, 11 months ago by D H.
    • This topic was modified 3 years, 11 months ago by D H.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @darrenholmes, thanks for getting in touch.

    As WordPress’ directory structure and accessible scripts are widely known due to the open source nature of the product, login scripts and other routes to send POST data to scripts such as admin-ajax.php can be directly targeted by attackers.

    Wordfence doesn’t offer an inbuilt option to hide wp-admin or wp-login.php for this reason. With certain “security through obscurity” methods, this would only serve to slightly slow down somebody with malicious intent rather than stop them.

    Our thoughts on altering the wp-login URL is discussed in this video which is provided for your information: https://www.wordfence.com/blog/2017/10/should-you-hide-wordpress-login-page/

    Using strong account passwords and two-factor authentication, along with always keeping your WordPress and plugin versions up-to-date should offer the best level of security. Wordfence cannot stop somebody from trying to access your site, but deal with those attempts properly when they occur – which is reflected in the lockout messages you are seeing.

    Thanks,

    Peter.

    Thread Starter D H

    (@darrenholmes)

    Hello Peter, thanks very much for the information, appreciate your time on this. And definitely value these messages WordFence is sending.

    Plugin Support wfpeter

    (@wfpeter)

    No worries at all @darrenholmes, if you have any further questions about Wordfence in the future don’t hesitate to start a new topic and we’ll always be glad to help you out!

    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Getting “user locked out” notifications…but I changed my login URL. how?’ is closed to new replies.