Login Lockdown

  • Resolved Eric Cavanaugh

    (@lotuscorp)


    2 years, 4 months ago

    I’m showing an awful lot of failed logins. But nothing shows in Login Lockdown? I have my settings at the defaults for /wp-admin/admin.php?page=aiowpsec_userlogin&tab=tab1
    And I have 77 login failures. Is it just the failers did not attempt enough times from a single IP address in a short enough time frame?

    The page I need help with: [log in to see the link]

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support aporter

    (@aporter)

    Hi Eric,

    The locked IP addresses will appear at this page:

    wp-admin/admin.php?page=aiowpsec&tab=tab2

    Do you have anything in that table?

    It could well be that they are not triggering the rules to be blocked.

    You could test this feature your self to make sure that it is working.

    Make sure you are logged in on one browser, then on another browser or machine (Don’t use the same browser/machine as you don’t want to lock yourself out!) fail to login until you trigger your rules, then on the first browser refresh and check if the entry has been added (if it has remove it).

    Best Wishes,

    Ashley

    Thread Starter Eric Cavanaugh

    (@lotuscorp)

    So, in this example on 10/21… Because the same IP didn’t fail enough times in a short enough period it didn’t get locked out?
    Login fails info and settings: link
    Link
    link

    Plugin Support aporter

    (@aporter)

    Hi Eric,

    Yes correct although the last one in that list looks like it could have been within the time window for a block.

    Are you able to try the test I suggested above to make sure it is working as expected on your site?

    Best Wishes,

    Ashley

    Thread Starter Eric Cavanaugh

    (@lotuscorp)

    So I just did it from another machine, and browser on VPN. So worried I’d lock myself out. I CAN confirm it locked me out after the third bad attempt. I see the user, and IP I used for this test. So…that’s working. I wish there was an option to send failed logins directly to a blacklist. I genuinely do not want to ever see the hundreds of bad IPs at my virtual door again.
    Is it not very easy for these parasites to just get a new IP or spoof another IP?

    Thanks for your help, Ashley.
    -eric

    Plugin Support aporter

    (@aporter)

    Hi Eric,

    Glad it’s working for you as expected.

    Do you have a static IP address? you could turn on the whitelist feature that only allows whitelisted IPs to access the login page (all others will be blocked).

    Found at: WP Security -> Brute Force -> Login whitelist

    Or you could use our Cookie based brute force protection, with this you have to access a secret page in order to get a cookie that allows access to the login page.

    Found at: WP Security -> Brute Force -> Cookie based brute force protection

    Best Wishes,

    Ashley

    Thread Starter Eric Cavanaugh

    (@lotuscorp)

    I’m afraid the diversity of networks and locations will flummox that. I like these features but am not ready to commit to that yet.

    Thread Starter Eric Cavanaugh

    (@lotuscorp)

    Also I do not think the Email component of this plugin is working. I’ve had a few locked out and never got an email about it.

    Plugin Support aporter

    (@aporter)

    Hi Eric,

    Sorry about the delay.

    I’ve just tested this myself and it is working.

    The emails are sent every 15 minutes via cron, so they may just be delayed.

    Or if crons don’t run on your server that maybe the reason why you are not getting them.

    Best Wishes,

    Ashley

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Login Lockdown’ is closed to new replies.