corrales1
Forum Replies Created
-
Very interesting, thanks for the explanation! This whole underground world of hacking bots is fascinating. At some point I was getting so many attempts with the username ‘{login}’ that I had to include it on the immediate block list in Wordfence.
“feed” makes a lot more sense now — as well as all the other odd ones I often get. Sometimes entire business names are filled out in the login forms (including spaces) and I could not figure out why any hacker would be attempting to gain access through these obviously futile attempts. Now I know! Thanks.
Bots are using these strings hoping to find a vulnerability in the username and then will attempt to crack the password when they find a username match.
Interesting, thanks for the explainer. But out of curiosity, how do the bots match “{login}” or “no_matches” to an actual user name? Why would any user pick a name with those things in their real user name string?
Today, WordPress alerted me on one of my sites that someone tried to use “feed” as a username to gain access. What human would choose “feed” as their user name? I don’t understand how the bots would piece together a real username being so far off-base.
Anyway, thanks for providing this life-saving plugin!
Forum: Fixing WordPress
In reply to: Is there a known Chrome bug with WP 4.3 on Mac?Thank you Samuel Wood (Otto) – your fix worked nicely.