Zagaz

I would like to extend my sincere thanks to the @wpswings team for their prompt response. This is wonderful news, and I truly appreciate your support and assistance!

Here, still the same, even with the function @witcher83 gave.

My Payment Method is PayPal.

Same here.

One more thing. The ideal is to FORCE every user role to have a 2FA login, is it possible?

We found out the cause for brute force attacks. Attacks were coming through XML-RPC feature. Though we have enabled checkbox for “Completely block access to XMLRPC” but we were still receiving hits. Is this broken?

As a workaround, We’ve disabled this feature from WPEngine console for now to stop brute force attack.

Thank you for all help.

Hello Team,

We’re not using any custom login page other than default WordPress login form.

We’ve enabled the below features but still seeing failed login attempsts every hours.

• Rename login page
• Cookie based brute force prevention
• CAPTCHA
• Honeypot

For now, We are locking IP address based on failed login but Is there a better solution?

Is there a custom code where we can enable this feature – Block some user roles from logging in?

Or, Is there a custom code/filter to disable/block existing users by putting the username in “Instantly lockout specific usernames“?

“Enable PHP backtrace in email”: Enabling this feature is causing a critical error whenever the user is locked out.

“Allow unlock requests” – How does this feature works?

Hello Team.

We really need your help on this matter. Any response might help us.

On the “Failed login attempts” we see multiples attempts using the usernames with different ip’s.

Is it possible for an attacker to login WordPress without going through the custom login URL?

Thanks in advance.

• This reply was modified 1 year, 9 months ago by Zagaz.

We have enabled below options in Brut Force section:

• Rename login page
• Cookie based brute force prevention
• CAPTCHA
• Honeypot

But we are still seeing failed login attempts.

• This reply was modified 1 year, 9 months ago by Zagaz.

Hello Team!

What I have enabled is: Renamed Login Page and reCAPTCHA.

Disabled: Cookie and Whitelist

Renamed Login Page:

ReCAPTCHA

The Cookie Based brute force prevention is DISABLED.

• This reply was modified 1 year, 9 months ago by Zagaz.

Working fine now!!!

Thanks guys!!

Outstanding!!!

• This reply was modified 2 years ago by Zagaz.

wELL,

I’m using twenty-twenty theme.

And yes, when I deactivate the plugin, the problem is gone.

• This reply was modified 2 years ago by Zagaz.

El plugs tiene um error en la nueva atualizacion.
Tienes que usar a version mais antigua del plugin.

I was able to do it!

add_filter( ‘wpseo_opengraph_image’, ‘yoast_seo_default_opengraph_change’ );

function yoast_seo_default_opengraph_change($url) {
$url = ‘https://myblog.com/wp-content/uploads/default_image.jpg’;
return $url;
}