CSNAssistant

Ok I will try these things. Thank you for your assistance. I will resolve this thread.

The connection times out, and I need this to up and running as soon as possiblle

So what I did was that I updated my WordPress and added iThemes. In iThemes, I started some features, but now my website is down. Anything I can do to get it back?

https://www.stemcellrevolution.com

Thank you for your suggestions. I feel better knowing that it may just be random attempts at accessing.

I will implement these suggestions soon. I will close this thread afterwards so that I can give one status update before it is closed. Thanks again to both of you

Update: It worked. I haven’t gotten any more attempts. Thanks a million!

To those who are reading this sometime in the future, if you have a similar problem with possible hackers, this is what I suggest, based on my own experience and this thread.

1) Scan your site using https://sitecheck.sucuri.net/scanner/ or https://www.unmaskparasites.com/

2) Download Simple History, which can show you if there are anymore changes or failed login attempts.

3) Check your themes and plugins to verify that it is not the issue.

4) Finally (This was my problem) Check the admin account. If that is the problem then delete or rename it.

Thank you esmi for helping me.

Ok. Then based on a quick look through, I found three distinct IP addresses. Perhaps they will be useful to you in any other future troubleshooting.

204.152.255.23
67.18.3.37
193.0.146.118
EDIT: 97.79.239.135

Thank you very much and I will reply with an update as soon as I can. If anyone else has any other suggestions or pieces of advice, then I would be appreciative.

Thank you. I will take the time to review the material. If I no longer get attempted login messages by tomorrow, then I will close this thread.

One more quick question: when Simple History says:

REMOTE_ADDR: 193.0.146.118

Is that the IP Address?

I would like to thank you for taking the time to help me out by the way. There has been no change when I checked the plugins and theme

We have a 3 users on our site, which are made of people that I work in close contact with every day, so I do trust them. The Admin account is not normally used anymore, so it is just an account that we have in case we need it, which happens to also be the account that someone/something is constantly trying to access according to Simple History.

User admin failed to log in because they entered the wrong password
1 hour ago by <Unknown or deleted user> Details
+ 141 occasions

And under Details it says:

HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 5.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/23.0.1271.17 Safari/537.11
HTTP_REFERER:
REMOTE_ADDR: 193.0.146.118

I have tried to switch themes, but have had no success. I will check the plugins now to see if they are the issue. I do have several plugins that are inactive, so I will delete those as well. Until then, should any other precaution or scan be taken on my part?