Too many failed login attempts

  • I have gotten 8 emails in the last 12 hours noting that several IPs have been blocked from logging into my site due to “Too many failed login attempts”. The problem is – my own IP at home is included and I did NOT attempt to login multiple times.

    In addition, I do not have any plugins installed to do this. I have no idea why this is happening. My site had been hosted at Bluehost until today when my migration over to Media Temple was complete. I was told to wait until the lock-out expired (tomorrow morning) then to login again and see if it stopped happening but it feels like someone is attempting to hack my site and I can not even get into myself.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Brute force attacks are very common and can be dangerous if you don’t have anything to stop them.

    If you want to keep it simple, I would download the plugin “Limit Login Attempts” but I would recommend you download the plugin “Wordfence” for the better protection.

    It has a built in shield against brute force attacks and gives you email notification with the IP of the person that tries to force their way in with the IP so you may block it.

    IPs from China Russia and Turkey are ubiquitous. I personally block any of IPs from those area when they try to brute force, but when it’s someone from the U.S. I think twice since my target demographic is U.S. and there is a chance that when you block an IP you block a huge area of that region not just blocking one person.

    Thread Starter rosebakes

    (@rosebakes)

    But how do I figure out what is blocking me and and the attacks so I can temporarily turn it off and get into my own site? I don’t have Limit Login Attempts installed right now but I’m getting emails. I’ve been told this is not a standard feature of WordPress, so I need to know what is limiting me from getting into my own site.

    Oh sorry I did not fully understand your original posting. So you are basically locked out form your website.

    The emails is usually a feature of Wordfence from my experience. Maybe you actually installed Wordfence and forgot to put your IP in the whitelist.

    Don’t try to keep logging in or it will trigger the lock out to increase. You can either wait it out a few days to week or you can try logging in through some proxy server so you can bypass the IP block but that risks re-triggering the timer on the lock out.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Too many failed login attempts’ is closed to new replies.