• Hi there,

    My website is/was currently under attack and I’m urgently looking for information.
    On my website users can log in to their account through the Woocommerce-account function: page with shortcode: [woocommerce_my_account].
    I’m getting messages from many different ip-adresses that ‘login failed’.
    Luckily I have the plugin Limit login attempts. I adjusted the values a lot stricter for now. Also I’ve put my site on maintenance mode, so hopefully that protects it for now.

    What freaks me out is the robot that’s attacking my site, knows the usernames of my users. So it’s NOT the standard ‘try admin and see if it works’ attack. Also my admin-account has a different name.
    How does the robot see my usernames and where can I adjust the settings of my site to make this invisible to hackers?
    Any help would be appreciated!
    (I won’t be able to respond in the next few hours since it’s late in the evening here, I will check this topic tomorrow-morning).

    PS: I had Woocommerce version 3.0.5 and updated it immediately to 3.0.8.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Attack through Login My Account, pls help’ is closed to new replies.