Brute force options are not blocking repeated login attempts

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @sbuntu, thanks for your message and sorry to see you’re having this issue.

    From your screenshots, I believe the XML-RPC method of authentication being attempted repeatedly by this IP is unaffected by the Brute Force settings which would be looking at the front-end method of signing in such as your login page, or sending POST data to the admin-ajax.php script.

    You could try out the setting to disable XML-RPC authentication by checking the “Disable XML-RPC authentication” box in Wordfence > Login Security > Settings to prevent authentication attempts through that file. However, manual attempts to access the XML-RPC file itself are commonly tried by attackers. You may also add the following code to your .htaccess file if you are certain no plugins you use (such as Jetpack) require access:

    # Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

    You could also try increasing Wordfence > All Options > Rate Limiting > How long is an IP address blocked when it breaks a rule to days rather than minutes/hours. This helps stop automated attempts from retrying so frequently and clogging up your Live Traffic.

    Let me know how you get on!

    Peter.

    Thread Starter sbuntu

    (@sbuntu)

    Thanks Peter.

    • This reply was modified 3 years, 7 months ago by sbuntu.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Brute force options are not blocking repeated login attempts’ is closed to new replies.