Brute Force Protection Issue

  • Resolved liquidonthedrums

    (@liquidonthedrums)


    2 years, 2 months ago

    Hi,

    I have Brute force protection setup to lockout an IP address if there are 10 failures within 5 minutes.

    When I manually trigger the lockout, (ie. 10 x failed logins over 5 minutes), I am blocked and shown the “Your access to this site has been temporarily limited by the site owner” screen… All good!

    However, I am then able to click on the “Return to the site home page”, enter the correct login details, and then am logged in.

    I would expect that I wouldn’t be able to login at all from my current IP address for the set time (30mins), but can do so straight away. Am I missing something here?

    I am using the ultimate member plugin, which has a custom login form and all pages are being redirected to the login page for non-logged in users.

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @liquidonthedrums,

    Am I right in saying you’re a Wordfence premium customer and have already submitted this topic to be looked into? As I cannot discuss anything other than the free version here, I will close this topic if that’s the case. If I’ve misunderstood the situation, let me know and I’ll be more than happy to take a look into this for you.

    Thanks for using Wordfence,

    Peter.

    Thread Starter liquidonthedrums

    (@liquidonthedrums)

    Hi Peter,

    Yes I purchased premium support after posting this. Would really appreciate a response from the premium support team though if you could pass that on ??

    Thanks.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @liquidonthedrums,

    You should certainly hear from them soon and I’ve passed your message along.

    Take care,

    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Brute Force Protection Issue’ is closed to new replies.