hackers getting our admin’s username

Hello @miacaella and thanks for reaching out to us!

There are many ways for an attacker to find the user base for a website. The best thing to do is keep these admin accounts secure with STRONG passwords and 2FA.

I also recommend viewing our guide on hardening your wordpress site:
https://www.wordfence.com/learn/how-to-harden-wordpress-sites/

We also talked about how hackers can get your user accounts in a recent episode of our Wordfence Live stream:

Hope this helps!

Thanks!

Hello Im very new to all this and really don’t understand my situation at all.
Ive been locked out of ‘logging out’ of my admin page. My admin page remains open.
I am being attacked by someone who has the same IP address as it is shared hosting. So I can’t block them and now I am blocked as well.
Yesterday everything was working well however today I deleted the Jetpack plugin as I didn’t want to disallow the xml-rpc box. I have brute force attacks constantly through xml-rpc so thought this was the right thing to do.
Please can you advise as I want to log of admin………

Many thanks!

@e4t2x0o
As per the forum guidelines below, could you please open your own topic and we would be glad to assist you:
“Unless users have the exact same version of WordPress on the same physical server hosted by the same hosts with the same plugins, theme, and configurations, then the odds are the solution for one user will not be the same for another. For this reason, we recommend people start their own topics.”

Thanks again!