Not Working?
-
Simple History plugin shows multiple login attempts. Login Lockdown shows zero attempts when it should have locked out. Settings are strict, e.g. “Lockout Invalid Usernames” is set. Any ideas?
-
Hi,
Most likely it’s because Simple History is catching the failed login attempts before Login LockDown. Have you tried to see if Login LockDown has any issues when Simple History is not enabled?
I’ve been running Login LockDown for months. I only installed Simple History today because it seemed strange there was zero on the Activity tab after all that time. There are loads of failed attempts in the wp_login_fails table.
I just tested it again, including with WordPress 6.1, and see no issues… I get locked out as soon as I hit the number of failed logins.
Has Login LockDown worked in the past?
There can be many failed logins in the table but if there are no X attempts from the same IP during the time you have set then the lockdown will not be set.
Maybe there’s a conflict with something else? Have you tried disabling all other plugins to see if maybe it’s another plugin?
Short history:
I installed the Limit Login Attempts Reloaded plugin many months back and got suspicious because it was recording hundreds of attempts a day — far more attempts than visitors — and there were several other signs it was a scam. So I got rid of it and installed your plugin. Everything went to zero and all seemed good.
But there was never anything in the Activity tab and that eventually got the spidey senses tingling so I installed Simple History.
Stuff is still going into the wp_login_fails table (I assume that’s one of yours?) even with Simple History installed but no one is getting blocked and nothing is on the Activity tab.
Like I said, “Lockout Invalid Usernames” is set to Yes and all of the login fails are from invalid user names.
Obviously this isn’t an easy thing for me to test because I don’t want to block my own IP address. But I risked it anyway and a wrong user name just rolled me back to the login page with the standard WP error message.
P.S. Thanks for the quick responses!
Update: I put in an XMLRPC blocker and the login attempts have gone back down to zero.
Rats, spoke too soon. Just got another few “Failed to login with username “xxxxxxxx” (username does not exist)” but Login LockDown shows zero activity when it should have locked them out.
Since I see you are expecting it to lock out that IP immediately, have you set Max Login Retries to 1? Otherwise they will need to try and fail multiple times from the same IP address…
That’ll be it. Looking through the data, the attack is spread across multiple IPs with each one being used less than once per hour. Presumably to dodge most time-based restrictions.
I’ve set Max Login Retries to 1 so we’ll see what that does. About to clock-off for the day, will update you in the AM.
Thanks again for the help.
OK, this AM there are loads of locked IPs in the Activity list. Phew! Thanks
It does leave some questions and thoughts though…
I run two different sites and one of them had ~2500 login attempts over the last two weeks (can provide a dump of the wp_login_fails table if you want) with most of the IPs repeating 5+ times. Alongside your Retry Time Period Restriction setting, would it be a good idea to have other settings to deal with that kind of distributed attack? E.g. instant lock out for a list of user names because no one trying to log in as “admin” has good intentions?
Would it be a good idea to show failed logins on the Activity tab even if they weren’t locked out? Just a simple last 30 days or last 50 entries from wp_login_fails? I’m not comfortable with ~2500 login attempts but no heads up.
On the bright side, we now know Simple History is compatible with your plugin. (There’s my heads-up.)
Where are these attacks coming from? Almost all of them are from server hosts of one kind or another. I suspect the plugin installed before yours, Limit Login Attempts Reloaded, makes sure you get plenty of failed logins to encourage you to sign up for their paid service. Life is too short for me to do a code review and Wireshark it so I don’t have proof but let’s just say there were a lot of fingerprints.
Anyway, the above are just suggestions/comments not expectations. Thanks again for the help and the plugin.
-
This reply was modified 2 years, 4 months ago by arronrouse.
Thanks for the suggestions! I will add them to our ToDo list.
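An added example, not part of the thread and not Login LockDown's own code: a simplified model of the per-IP rule discussed above (X failed attempts from the same IP within the retry period), run over constructed failed-login records. It shows why an attack that reuses each IP less than once per hour never trips a threshold above 1, and how counting distinct IPs per username surfaces it. The record layout, function names, 60-minute window and sample data are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def constructed_fails(n_ips=20, rounds=5, gap_minutes=70):
    """Constructed sample: every IP tries 'admin' once per 70 minutes."""
    start = datetime(2022, 11, 1)
    rows = []
    for r in range(rounds):
        for i in range(n_ips):
            ts = start + timedelta(minutes=r * gap_minutes, seconds=i * 30)
            rows.append((ts, f"203.0.113.{i + 1}", "admin"))
    return sorted(rows)

def per_ip_lockouts(rows, max_retries, window):
    """IPs that reach max_retries failures inside one sliding window."""
    recent, locked = defaultdict(list), set()
    for ts, ip, _user in rows:
        # Keep only this IP's failures that are still inside the window.
        recent[ip] = [t for t in recent[ip] if ts - t < window] + [ts]
        if len(recent[ip]) >= max_retries:
            locked.add(ip)
    return locked

def distributed_targets(rows, window, min_ips):
    """Usernames that failed from at least min_ips distinct IPs in window."""
    recent, flagged = defaultdict(list), set()
    for ts, ip, user in rows:
        kept = [(t, a) for t, a in recent[user] if ts - t < window]
        recent[user] = kept + [(ts, ip)]
        if len({a for _t, a in recent[user]}) >= min_ips:
            flagged.add(user)
    return flagged

if __name__ == "__main__":
    rows = constructed_fails()
    hour = timedelta(hours=1)
    print("failed logins:", len(rows))
    print("locked, retries=3:", len(per_ip_lockouts(rows, 3, hour)))
    print("locked, retries=1:", len(per_ip_lockouts(rows, 1, hour)))
    print("usernames hit from 10+ IPs:", distributed_targets(rows, hour, 10))
```
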