WPS doesn’t stop hackers!

  • Resolved sallan

    (@salevene)


    6 years, 1 month ago

    I use a complex web login redirect using this plugin. It has 15 alphanumeric characters. It allows a login using this character string.

    If the wrong login string is used, the user is redirected to the home page.

    Every two weeks, I have to change the redirect string as hackers have found it and attempt random login user names and passwords.

    How is this possible?

Viewing 3 replies - 1 through 3 (of 3 total)

  • I had exactly the same problem, clearly there was a leak.

    In my case, the leak was via the xmlrpc.php file.

    I installed Disable XML-RPC

    3000 login attempts the night before – zero in the 3 weeks since.

    Plugin Author NicolasKulka

    (@nicolaskulka)

    yes, install WPS Hide Login for hide login page, but attempt random login via XMLRPC and not login page

    Thread Starter sallan

    (@salevene)

    Thanks a lot. I’ve installed it and we shall see. Or hopefully not.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WPS doesn’t stop hackers!’ is closed to new replies.

Tags