iThemes Security Plugin Help

I suggest you identify exactly which security plugin you are using and then post in that plugin’s dedicated forum via its page in the Plugin Repository. In the meantime, you could look at blocking this particular nuisance by their IP address – either by editing your root .htaccess directly or via an IP blocking plugin.

Thanks for the reply esmi, I’ll post in the iThemes Security plugin page now.

One option with that plugin is to block IP addresses but there can be so many used that a list of blocked IP addresses can become quite large and I’ve heard that this can slow down website load speed.

So are you only getting a few dozen from each IP address?

I’ve just logged into one of the sites there and checked the logs since about the 10th of June.

There has been 4 different IP addresses trying to login as my Username, some sites probably have quite a few more.

That’s not a great deal really. You’re always going to get scripts trying to access the login page – simply on the basis that it exists. Are you perhaps using ‘admin’ as your username?

No, don’t use the admin username on any site.

Another option with that plugin is to ban any user that tries to login as ‘admin’. I would have that activated on all sites. And one other option although it might be gone since the last update was to ‘hide the backend’ – login URL, so I would also change this from wp-admin to something different (but don’t seem to be able to since the last update).