Security software still reporting password recovery attempts

  • Resolved cjsebes

    (@cjsebes)


    1 year, 5 months ago

    The other day, I received a couple of hundreds emails from my WordPress security software alerting me that another user’s IP address has been locked out from trying to sign in or use the password recovery.

    I’ve set up a URL for the hidden login.

    I’m using PHP 8.1, I’ve deactivated XMLRPC in my PHP settings, and am using WPS Hide Login in conjunction with Stop User Enumeration. Is there something that I’m missing?

    Thank you!

Viewing 15 replies - 1 through 15 (of 16 total)
  • Plugin Support MaximeWPS

    (@seinomedia)

    Hello,

    Thanks for using WPS Hide Login.

    Is there any comments box allowing to sign in from there ?

    Hi, I have the same issue. I change the url 2 times this last 12 hours, with a very strong url, impossible to break it, and still receive attempts (I had this issue since a long time, but since a couple days it’s hundred of attempts per days). I looked for a link somewhere but didn’t find any, is there a process to find it ?

    https://www.learning-sphere.com/

    Thank you.

    Thread Starter cjsebes

    (@cjsebes)

    None of my pages have comments enabled and I have no posts. However, I do have a page with a contact form.

    Plugin Support MaximeWPS

    (@seinomedia)

    Is your “Anyone can register” option checked in your settings ?

    Are you using a membership plugin ?

    Thread Starter cjsebes

    (@cjsebes)

    No one is allowed to register as this is only a site for a an freelancer’s portfolio. No membership plug-ins at all.

    Plugin Support MaximeWPS

    (@seinomedia)

    I think about a conflict with another plugin which allows a function that may not be compatible with WPS Hide Login.

    But I understand it’s difficult to deactivate every of theme except WPS Hide Login to check that…

    Hi, on my side, I have WPS Team (no one can register), Limit Login Attempts Reloaded and Broken link Checker which could maybe interfer (some other for cookies and edition).

    Thread Starter cjsebes

    (@cjsebes)

    I’d like to know where to start. What types of plug-ins can cause problems with WPS Hide Login?

    • This reply was modified 1 year, 5 months ago by cjsebes.
    Plugin Support MaximeWPS

    (@seinomedia)

    At least anyone…
    At first, check if your install is up to date (core, plugins, theme).
    Check if your install is clean too.
    What are the plugins you’re using ?

    Hi, since you have no answer from the author, I will list my plug-ins if something ring a bell to you.

    Note that from a couple of days, the connexion attempts have dropped.

    ? Advanced Editor Tools
    ? Broken Link Checker
    ? Contact Form 7
    ? EditorsKit
    ? Fonts Plugin | Google Fonts Typography
    ? IONOS Assistant (installed by deffault)
    ? iThemes Security
    ? Limit Login Attempts Reloaded
    ? Real Cookie Banner (Free)
    ? WordPress Importer
    ? WPS Hide Login
    ? WPS Team

    That’s it, all up to date, all clear. Template: twenty twenty-three.

    I looked in the html code of all pages (I guess, the website doesn’t have many pages) without finding any reference to the connexion page.

    Thank you.
    Regards

    Plugin Support MaximeWPS

    (@seinomedia)

    @hdready-graphic
    Did you deactivate xml-rpc in Itheme Security ?

    The plug-in is installed, but not activited.

    I have activated the plug-in and desactivate the option, let’s see what append. Thanks.

    Plugin Support MaximeWPS

    (@seinomedia)

    Ok.
    Let me know what happens ??

    Hi, since the 10/10, we have no more attempt, so it seams to solve the issue. Do you have an idea how the hackers could get the connexion url with xml-rpc ?

Viewing 15 replies - 1 through 15 (of 16 total)
  • The topic ‘Security software still reporting password recovery attempts’ is closed to new replies.