• Resolved mywp19

    (@mywp19)


    Is Brute Force Protection part of Learning Mode?

    My Wordfence is still in learning mode.
    I have seen in Life Traffic page that username [login] has been trying to log in to my website for more than 100 times.
    I also see 10 entries, nine entry from the US and one from Russia, with green dot and response code of either 200 or 301. Is that mean they’ve successfully hacked my website? My website is just a trial site and is still under construction and I created it a week ago. How did those hackers find my site?

    So, should I wait until the Learning Mode period ends before I change the login settings in the Brute Force Protection Options?

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @mywp19, thanks for reaching out to us over this.

    Regarding Brute Force protection, Learning Mode doesn’t affect those settings so you can alter them as you wish.

    It seems like you’re in the usual learning mode period for a fresh installation. It’s probably OK to change this now by clicking Manage WAF from the Wordfence Dashboard. You will see Basic Firewall Options > Web Application Firewall Status. Change the option to Enabled and Protecting. If you’re still working on developing the site, just be aware to watch for false positives.

    You can see more about Learning Mode and when to use it by consulting this page in our help documentation: https://www.wordfence.com/help/firewall/learning-mode/

    Thanks,

    Peter.

    Thread Starter mywp19

    (@mywp19)

    Thanks for the info, @wfpeter. I will immediately change a few settings in my Brute Force Protection options.

    Has my site been penetrated if I see Response code 200 and 301 in Live Traffic report? If it has, should I delete my Virtual Machine instance and create a new one, or changing my site IP address is good enough? I don’t know much about WordPress.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @mywp19,

    HTTP code 301 signifies a permanent redirect of a path being accessed, and 200 is “OK”, the standard response for a successful page request so I expect you’ll see plenty of those if your site is serving pages to visitors.

    Keep an eye on your scans and reports from Wordfence, but I have no reason to believe your site has been compromised from these codes.

    Thanks,

    Peter.

    Thread Starter mywp19

    (@mywp19)

    Happy New Year @wfpeter,

    Thank you for clarifying my concern.

    Adolf

    • This reply was modified 4 years, 2 months ago by mywp19.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Learning Mode – Brute Force Protection’ is closed to new replies.