Notification of lockdown event, no locked out addresses visible

Hi, what is the Time Length of Lockout (min): set to? Located under User Login -> Login Lockdown.

Thank you

• This reply was modified 5 years, 1 month ago by mbrsolution.

60 min
Never had this problem before this past week. FYI, I also had Wordfence running until then and have just deleted it to only have All in One running. These notifications started then.

Hi,

After 60min the ip address is released. I think this is what is happening in your site. You should increase this time to something higher.

Do you have one of the following Brute Force feature enabled? This will also help you a lot.

Rename Login Page
Cookie Based Brute Force Prevention

Kind regards

Just increased the lockout time.
I have renamed my login page.
Do I ALSO need to activate the Cookie Based Brute Force Protection?
And why don’t the locked out addressed show on the ‘Locked out IP-addresses’ tab? (Debugging is now checked on, don’t see any reference to a lockdown in the log…)

Thanks

I meant that I had already renamed my login page – several years ago.

Hi,

Just increased the lockout time.

That is good. Now lets see what happens.

Do I ALSO need to activate the Cookie Based Brute Force Protection?

No, if you already have Rename Login Page enabled.

Kind regards

A lockdown event has occurred due to too many failed login attempts or invalid username:
Username: admin
IP Address: 210.195.233.139
Getting these messages constantly from WP Security
I changed wp-login.php to some other login page
I checked to see in wp-login.php was still available. It was not because i get a 400 screen.
I whitelisted my IP address. but that didn’t helpe
So how is someone login in with admin as the user?

@ajit49, can you start a new support thread.

Thank you