People can still find my custom login page…

  • Resolved valkala

    (@valkala)


    7 years, 9 months ago

    Hi.

    Recently installed Cerber Security for general security and most importantly the ability disable wp-admin and rename it to something else.

    No one knows about the site yet, but somehow people found the custom login page and are attempting to login with non-existent usernames. How did they find this out? is wp-admin still active somehow?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author gioni

    (@gioni)

    Hi!

    What are your settings? Did you check:

    1. Disable wp-login.php on the Main Settings tab
    2. Disable XML-RPC on the Hardening tab?

    Thread Starter valkala

    (@valkala)

    I have disabled wp-login.phone but not XML-RPC. I wasn’t sure if the second option was related to the wp-admin login access. I have now enabled it. I’ll keep and eye and let you know.

    Thanks.

    Plugin Author gioni

    (@gioni)

    Hackers just use XML-RPC interface as a way to obtain admin password via a brute-force attack. It’s enabled by default and usually unprotected.

    Thread Starter valkala

    (@valkala)

    Hi Gioni, I did actually disable both XML-RPC and wp-login.php, but I’m still getting bombarded with “failed” attempts to login from soviet countries with user names like admin, administrator, https://www.mydomain.

    Any idea what I could be doing instead? I wish I could just blacklist a whole country.

    Plugin Author gioni

    (@gioni)

    Hi valkala!

    1. Change your Custom login URL.
    2. Check Block direct access to wp-login.php and return HTTP 404 Not Found Error.
    3. Make sure that you theme (in a menu) or some widget don’t display the Custom login URL.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘People can still find my custom login page…’ is closed to new replies.