• Resolved nerdynel17

    (@nerdynel17)


    Hi:

    I have several brute force protection settings enabled (login lockdown, honeypot, cookie-based prevention, login whitelist, captcha), but still noticed an uptick in failed login attempts. My site is using the latest versions of AIOWPS and WordPress. Please look into this. Thanks!


Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Support vupdraft

    (@vupdraft)

    Are the login attempts from the same IP or lots of different ones?

    Thread Starter nerdynel17

    (@nerdynel17)

    They are from different IPs.

    Plugin Support vupdraft

    (@vupdraft)

    Under Firewall >> Basic firewall rules, do you have the following features enabled?

    Completely Block Access To XMLRPC
    Disable Pingback Functionality From XMLRPC

    Thread Starter nerdynel17

    (@nerdynel17)

    I have the second one (disable pingback) enabled. Since I use the JetPack plugin and the WordPress iOS app, I thought only the second option should be checked. Is it OK to check both options in this case?

    Plugin Support vupdraft

    (@vupdraft)

    Are you using Jetpack comments?

    Thread Starter nerdynel17

    (@nerdynel17)

    Yes, I’m using Jetpack Comments (I have Jetpack Professional).

    Plugin Support vupdraft

    (@vupdraft)

    Hi,

    Jetpack uses XMLRPC.
    Leave this second option unchecked, but add this to Firewall > Custom firewall rules.

    This just whitelists the JetPack IPs:

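    <Files xmlrpc.php>
    # Evaluate Deny first, then let Allow override it for the Jetpack range
    Order deny,allow
    Deny from all
    # 192.0.64.0/18 spans 192.0.64.0 to 192.0.127.255
    Allow from 192.0.64.0/18
    Satisfy All
    ErrorDocument 403 https://127.0.0.1/
    </Files>
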
    Thread Starter nerdynel17

    (@nerdynel17)

    OK, thanks. I’ve unchecked that second option and added this code to the custom rules. Hopefully this puts an end to the failed logins (or at the very least, significantly reduces their prevalence).

    Thread Starter nerdynel17

    (@nerdynel17)

    It’s been a few days, and it looks like the custom firewall rules did the trick. Thanks!

  • The topic ‘Brute force protections enabled, but failed logins persist’ is closed to new replies.
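
An added example, not part of the original thread or the plugin's own code: a check against the web server's access log that the xmlrpc.php allowlist discussed above is in effect, tallying POSTs to xmlrpc.php by whether the client falls inside the range from the rule. The Apache common/combined log format and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Range allowed by the rule in the thread (192.0.64.1 to 192.0.127.254), as CIDR.
JETPACK_NET = ipaddress.ip_network("192.0.64.0/18")

# Apache common/combined log prefix: client IP, request line, final status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

# Constructed sample lines (mostly documentation addresses), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 674
198.51.100.23 - - [01/Jan/2024:10:00:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 674
192.0.66.10 - - [01/Jan/2024:10:00:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 312
203.0.113.7 - - [01/Jan/2024:10:05:00 +0000] "POST /xmlrpc.php HTTP/1.1" 302 205
198.51.100.99 - - [01/Jan/2024:10:05:01 +0000] "POST /xmlrpc.php HTTP/1.1" 403 199
203.0.113.50 - - [01/Jan/2024:10:05:02 +0000] "GET /index.php HTTP/1.1" 200 5120
192.0.127.254 - - [01/Jan/2024:10:05:03 +0000] "POST /xmlrpc.php?for=jetpack HTTP/1.1" 200 312
192.0.128.1 - - [01/Jan/2024:10:05:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 674
"""

def summarize(log_text):
    """Tally xmlrpc.php POSTs by source (allowlisted range or other) and status."""
    tally = {"jetpack": Counter(), "other": Counter()}
    reached = set()  # clients outside the range that still got a 2xx answer
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST" or m["path"].split("?", 1)[0] != "/xmlrpc.php":
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:  # hostname or garbage in the client field
            continue
        status = int(m["status"])
        source = "jetpack" if ip in JETPACK_NET else "other"
        tally[source][status] += 1
        # A 2xx from an outside address means the request reached WordPress;
        # blocked requests log as 403, or as 302 when ErrorDocument is a full URL.
        if source == "other" and 200 <= status < 300:
            reached.add(str(ip))
    return tally, sorted(reached)

if __name__ == "__main__":
    tally, reached = summarize(SAMPLE_LOG)
    print({source: dict(statuses) for source, statuses in tally.items()})
    print("outside clients answered by xmlrpc.php:", reached)
```

Once the rule is active, new log entries should show no 2xx responses to xmlrpc.php for addresses outside the allowlisted range.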