hacker still attempting login

Hello,

Thanks for using WPS Hide Login.

Does the hacker find your new url or try to reach wp-admin ?

Are you sure your usernames are clear ? Then, I think the issue is from the other plugin you’re using for that.

hi,

i’m not sure i understand your questions.

the first plugin i tried was ithemes security to hide the login. yet the attempts still continued.

i then disabled that plugin from hiding the URL and installed your WPS plugin. yet the attempts still continue.

i additionally tried a plugin to change the admin names because i thought maybe the hacker got my login names when my site was first hacked and still tried that way. but the attempts still continue after i changed my admin names.

i am currently only using WPS to hide my login. i do not know what you mean by are my usernames are clear or if the hacker finds my url on each wp-admin attempt.

how else can the hacker attempt to login if it’s not with the wp-admin login?

i get daily alerts from the ithemes security plugin that there are login attempts even with the new admin names. how can i tell if the hacker is finding the wp-admin to log in or not? i thought the wp-admin is the only way to login?

Ok.

I can’t read Ithemes Security reports but are do they mention your customised slug or the default login slug ?

Ithemes Security creates a report when someone or something try to reach wp-admin or wp-login.php. In this case, WPS Hide Login redirects to 404 and you don’t have to worry about this.

Ithemes Security also creates a report when someone or something tries to log in and mentions the login used (often “admin”). In this case, it means we can reach your customised slug.

i’m only using the free version and can’t find where to setup the reports. i think that’s a pro feature?

i did go to the events/notices section of ithemes security. there’s been 2878 attempts since i installed the ithemes security plugin. here’s a screenshot: https://snipboard.io/u1MyJS.jpg

if i click on details, it says the url is https://lizartlizard.com/xmlrpc.php
see this screenshot: https://snipboard.io/U7dXK4.jpg

so i guess they’re attempting through the xmlrpc and not the wp-login?

one more screenshot of the ithemes overview: https://snipboard.io/BPXSgs.jpg

i guess this doesn’t fall under your support then if that’s the case. but do you have a recommendation on how to prevent the attacks on the xmlrpc? i’m just glad i had installed ithemes to try to change the wp-admin first or i wouldn’t have gotten the notices from ithemes that these attacks were still going on.

Hello,

There an option in Ithemes Security Settings to disable xmlrpc.

Maybe this option is already active. Then, the failed attempts only mean the plugin works well.

hi,

let me rephrase that. any suggestions on how to prevent my usernames from being seen?

yes the plug-in works well. but as long as the hacker can see my user names and attempt to login there’s always a chance that they’ll be successful with guessing my password as they were before on both my websites.

but i guess i’ll ask that in a new post as it’s not an issue with this plug-in as i initially suspected.

thanks again for all your help.

• This reply was modified 2 years, 4 months ago by stargirl1.

also every time they attempt to log in it locks my username out of the site and i have to either wait or re-allow it.

WPS Hide Login doesn’t do anything with you username.

If your username is clear for anyone, the fault is elsewhere.

hi,

thanks, yes i knew WPS hide login didn’t do anything with the username. i was just asking if you had any ideas.

but like i said i’ll ask that in a new post as it’s not an issue with this plug-in as i initially suspected.

thanks for your help. at least i’ve narrowed it down. this post can be closed.