Many lockouts with the same invalid username

  • Resolved pgb

    (@pgb)


    7 years, 9 months ago

    I’m curious to know, I keep getting messages of lockouts of invalid username, but the attempts come from all over the world with the same invalid username of ‘{login}’. How can this be?

Viewing 3 replies - 1 through 3 (of 3 total)

  • I’m seeing the same thing and was getting ready to post a question about it.

    I’m not overly alarmed since WF IS blocking them – but it’s been going on for over a week now on one of my sites that is NOT a high traffic site …

    First it was “admin”, now it’s “test” but the more peculiar thing is they are trying to login at the following: https://mydomain.com/wp-admin/admin.php?page=Wordfence

    I’m wondering why they are on THAT page link and then trying to login (although I do have measures in place that will bounce them if they try to go to the normal login address).

    Bcr8tive~

    • This reply was modified 7 years, 9 months ago by bcr8tive.

    Hi,
    This could be a bad bot that has some bugs in fetching the “login” username or the login URL that could be involved in a brute-force attack on your website.

    However, since you mentioned that these attacks come from all over the world, it’s worth to try testing this out yourself by using any invalid username, make sure to use a VPN connection or your cellphone while trying this one, so you don’t lockout yourself and just in case this happened, you will find this link helpful.

    Thanks.

    Thread Starter pgb

    (@pgb)

    Thank you very much, that’s very helpful.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Many lockouts with the same invalid username’ is closed to new replies.