Function to immediately lock out invalid usernames does not work for me

  • Eventhough i have added usernames like admin, administrator or user to the list “Immediately block the IP of users who try to sign in as these usernames” they are not blocked.

    When i check “Live Traffic” i get a lot of login attempts and it says: Tai Po, Hong Kong attempted a failed login using an invalid username “administrator”. The response code is 200 and they are not blocked.

    When i reproduce it on my phone i get locked out immediately and see a 503 response.

    So what can i do to fix that?

    Thanks!

Viewing 13 replies - 1 through 13 (of 13 total)

  • I have the same type of problem:

    Immediate blocked user names doesn’t work for brute force attacks with certain http-user-agent string

    Hello,

    My site is hammered with requests on wp-login.php since a couple of days.
    All the user logins (like selller , shop, admin etc) should be immediatly blocked but are not.

    All those requests have the same http_user_agent which is :
    Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0

    and an empty http_referer (“-“)

    Example :
    Ismailia, Egypt /wp-login.php 11-2-2020 15:58:37 41.39.124.254 200
    Activity Detail
    Ismailia, Egypt attempted a failed login using an invalid username “admin”. https://www.freya.nl/wp-login.php
    11-2-2020 15:58:37 (-470 seconds ago)
    IP: 41.39.124.254
    Human/Bot: Bot
    Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0

    ?xample from access log :
    200.68.137.219 – – [10/Feb/2020:14:55:11 +0100] “POST /wp-login.php HTTP/1.0” 200 3632 “-” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0”

    Most requests come from the far east.

    Hey @trupsch,

    This seems to be working for me on my site.

    Are you able to share a screenshot of your settings and the login URL so I can test this? If you’d prefer not to share the URL here you can email it to [email protected]. If you do email it please address gerroald in the subject, include a link to this thread, and update this thread in case there’s an issue receiving the email.

    @webmasterfreya – Thanks for the information. Can you please start a new thread and we’ll take a closer look?

    Thanks,

    Gerroald

    Thread Starter trupsch

    (@trupsch)

    Hey @wfgerald,

    Thank you for your feedback. As suggested i have already sent an email to you.

    Thanks!

    Hey @trupsch,

    I tested the URL with the username “test” and was immediately blocked. Can you please share a screenshot of the Live Traffic entry? The IP will be 174.128.225.98.

    Please let me know.

    Thanks,

    Gerroald

    Thread Starter trupsch

    (@trupsch)

    Hi @wfgerald

    you’ve got mail.

    Thanks!

    Thread Starter trupsch

    (@trupsch)

    Hey @wfgerald,

    any news on this? Did you get my e-mail?

    Thread Starter trupsch

    (@trupsch)

    @wfgerald

    Again, any news on this?

    Thread Starter trupsch

    (@trupsch)

    @wfgerald

    Nothing? ??

    Thread Starter trupsch

    (@trupsch)

    @wfgerald

    I somehow feel neglected. Sad!

    Thread Starter trupsch

    (@trupsch)

    I feel lonely

    Thread Starter trupsch

    (@trupsch)

    HEEEEEEEEEEEEEEEEEEEEEEEEY!

    Thread Starter trupsch

    (@trupsch)

    ˉ\_(ツ)_/ˉ

    Thread Starter trupsch

    (@trupsch)

    What was this about again..?

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Function to immediately lock out invalid usernames does not work for me’ is closed to new replies.