Many login lockout notifications

  • Resolved barbccfl

    (@barbccfl)


    1 year, 2 months ago

    For the past several days I have been receiving multiple login lockout notifications. I see here that others have had this issue. However, in my case I did not have the XML-RPC disabled prior to the last update. I am making that selection now to see if that eliminates the login attacks. Here is the beginning of the Stack Trace, does this indicate it is an XML-RPC vulnerability that is allowing the attempted logins?

    [16]=> array(6) { [“file”]=> string(63) “/homepages/8/d654742391/htdocs/clickandbuilds/LaFara/xmlrpc.php” [“line”]=> int(87) [“function”]=> string(13) “serve_request” [“class”]=> string(16) “wp_xmlrpc_server” [“type”]=> string(2) “->” [“args”]=> array(1) { [0]=> string(0) “” } }

    Whoever is behind this keeps trying to use the same login ID (which I have now listed as an automatic lockout) but they then try from another IP. I had 8 attempts yesterday, but prior to tightening my dis-allowed login ID list, I was getting 8 per minute!

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @barbccfl

    XML RPC call of wp_getUsersBlogs is trying to authenticate the user which is invalid login attempts and makes login lockout notifications. You can cross check in stack trace.

    WP Security > Firewall > Basic firewall rules tab > Completely block access to XMLRPC , Disable pingback functionality from XMLRPC Please check both and Save.”

    Regards

    Thread Starter barbccfl

    (@barbccfl)

    Thank you for confirming the solution. I made the changes earlier today and have had no more login lockout alerts.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Many login lockout notifications’ is closed to new replies.