• Alan

    (@alanwhiteman)


    Hi,

    A while ago I was not able to log into a client’s website with my admin username as the password was not accepted and I was locked out, even though my IP was whitelisted. I had to go into the database and change my password. No big deal.

    After I got in, I looked at the logs and noticed that various intruders had correctly discovered my admin username and tried unsuccessfully to log in.

    I did two things.

    1) I activated the following Cerber settings

    Main Settings:

    Do not reveal non-existing usernames and emails in the failed login attempt message

    Do not reveal non-existing usernames and emails in the reset password error message

    Immediately block IP when attempting to log in with a non-existing username

    Hardening (Most all settings, including):

    Block access to user pages like /?author=n

    Prevent username discovery via oEmbed

    Prevent username discovery via user XML sitemaps

    2) I created a new admin username and deleted the old one.

    However, the crooks were able to guess my new username and tried their old tricks!

    Next, I will probably hide the login page. But I thought I would mention this behavior in case the plugin was not performing as expected.

    Thank you.

Viewing 1 replies (of 1 total)
  • Plugin Author gioni

    (@gioni)

    Hi!

    The plugin is performing as expected. Something else is performing the way we do not expect and can interfere with the plugin. Please try to use a new, completely random admin username.

    When your IP address is whitelisted, you can be blocked if you have enabled “Apply limit login rules to IP addresses in the White IP Access List”.

  • The topic ‘Username Discovery’ is closed to new replies.
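
Added example, not part of the thread or the plugin's own code: a small access-log check for requests to the three username-discovery paths named in the first post's Hardening settings (author pages, oEmbed, user XML sitemaps), to show whether those probes are still being answered after hardening. The log lines are constructed, the oEmbed and sitemap URLs are assumed to be WordPress core defaults, and treating any 2xx/3xx status as "answered" is an assumption.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (combined log format, documentation-range IPs).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "-"
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /?author=2 HTTP/1.1" 404 0 "-" "-"
203.0.113.7 - - [10/Mar/2024:10:00:03 +0000] "GET /wp-sitemap-users-1.xml HTTP/1.1" 200 512 "-" "-"
198.51.100.20 - - [10/Mar/2024:10:01:00 +0000] "GET /wp-json/oembed/1.0/embed?url=https%3A%2F%2Fexample.test%2Fhello HTTP/1.1" 200 800 "-" "-"
198.51.100.20 - - [10/Mar/2024:10:01:05 +0000] "GET /blog/?page=2 HTTP/1.1" 200 9000 "-" "-"
192.0.2.55 - - [10/Mar/2024:10:02:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3000 "-" "-"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(target):
    """Return the discovery vector a request target matches, or None."""
    parts = urlsplit(target)
    query = parse_qs(parts.query)
    # /?author=n : numeric author id in the query string
    if any(v.isdigit() for v in query.get("author", [])):
        return "author-archive"
    # User XML sitemap pages
    if re.fullmatch(r"/wp-sitemap-users-\d+\.xml", parts.path):
        return "user-sitemap"
    # oEmbed endpoint, via pretty REST URL or ?rest_route= (can also be legitimate embeds)
    routes = [parts.path] + query.get("rest_route", [])
    if any(r.rstrip("/").endswith("/oembed/1.0/embed") for r in routes):
        return "oembed"
    return None

def scan(log_text):
    """Map client IP -> {vector: [HTTP status codes]} for matching requests."""
    hits = defaultdict(lambda: defaultdict(list))
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, _method, target, status = m.groups()
        vector = classify(target)
        if vector:
            hits[ip][vector].append(int(status))
    return {ip: dict(v) for ip, v in hits.items()}

def answered(hits):
    """Per IP, the vectors where at least one probe got a 2xx/3xx reply."""
    return {ip: sorted(vec for vec, codes in v.items() if any(c < 400 for c in codes))
            for ip, v in hits.items()}

if __name__ == "__main__":
    for ip, vectors in answered(scan(SAMPLE_LOG)).items():
        print(ip, vectors)
```

A vector that still shows up in `answered()` after the matching setting is enabled is worth checking against caching layers or other plugins that may serve the response before the security plugin runs.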