Continuous Lockouts

Viewing 4 replies - 1 through 4 (of 4 total)

  • Those lockouts are happening for a reason …
    They are the symptom of a brute force attacks to your website.
    Just switching off the lockout emails (for which a setting exists) is like an ostrich burrying his head in the sand … so that is not recommended.

    Your website is probably leaking your WordPress username to login …
    So presumably botnets are trying to brute force your password using that username …
    I sure hope you are using a strong password …
    If not change it to a strong password IMMEDIATELY !

    To stop or at least minimize brute force attacks from hitting your website you could try and enable the iTSec plugin Hide Backend setting. Change the default ‘wplogin’ Login Slug into something only you know (in any case not ‘lotsoflovelily’).
    Oh by the way, this will generate an extra reminder email …

    After this change you will probably not receive any new lockout emails. But sure let us know if they continue …

    Next I recommend you create a new administrator user (with a different nickname) and transfer all content to that new user.
    Then delete the old administrator user.

    lotsofsecuritydwinden

    Thread Starter lotsoflovelily

    (@lotsoflovelily)

    Thanks! That has fixed the problem!

    Hi there,

    I am receiving so many emails that I am unable to release the lock out. How do I login in order to do the steps above?

    Thanks!

    This topic is marked as ‘resolved’.
    Please create a new topic for your issue.

    dwinden

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Continuous Lockouts’ is closed to new replies.