Scott Dayman
Forum Replies Created
-
Sounds like a bug, but I’d start digging through the database for signs of the old email address.
Forum: Plugins
In reply to: [Wordfence Security - Firewall, Malware Scan, and Login Security] Blocked IPsI believed that Blocked IPs will show up in your .htaccess near the top. Check there and see.
If it’s the Blocked from Login, then I dunno…those don’t go in .htaccess.
Go to another hosting company.
1) They don’t recognize the value of the outgoing email…that’s going to a single email address…that nobody’s complaining about.
2) Their customer service is “limited”…to put it politely.My host only offers IPv6 as an option, so I have it turned off.
CloudFlare looks like it can feed your site IPv4 from IPv6 users.I don’t know. Neither do most people here. Double-posting isn’t going to help you get more help.
No. I think it’s on their ToDo list.
You could put them in your own section of .htaccess
In addition to Wordfence, I use Cloudflare. It has some security options (including country blocking) and does a pretty good job of filtering out attacks.
I don’t have Live Traffic enabled, so I don’t watch that, but I do see invalid usernames get blocked in my Blocked IP page.
Again, it blocks the IP address, which should show up in the second tab for Blocked IP. A first attempt from a new IP address will get through, but not subsequent attempts.
For how long do you have your blocks set in Login Security Options?
Do you have access to your server logs? If so, try watching the logs:
tail -f /path/access.log
tail -f /path/error.log/path/ is your full path.
You can also try to trigger a DHCP refresh on your home IP address. My home router lets me do this, or you could try power-cycling your cable (or DSL) router. Sometimes it’ll get you a new IP address.
As an aside, I’d also sometimes get completely blocked from my site(s) during heavy development cycles – no http, no sftp, no ssh. And then it’d clear up. My hosting provider said they couldn’t find anything, but I suspect it was on their end. Probably something that got triggered by all my various accesses to the site in a short amount of time. Using my cellphone as a hotspot, as you did, got me access.
Yep, that happens to me, too. I have a Facebook plugin that shows recent Facebook activity. So I don’t use Falcon on those sites; just the basic 2x-3x speed cache.
I meant plain as in “flat-out.” Not as in “kind of” or “sometimes.”
Steven Stern, that article shows the attack is limited to one user on the server. All my sites are set up under different users. A well-configured server won’t let this attack spread to other user accounts.
Jan, the Wordfence plugin now has the option to auto-update.
That’s really not that much. I don’t bother with those email alerts since my sites regularly get such login attempts.
You can’t discourage it, so just let Wordfence do its job. And make sure your legitimate users have strong passwords. And don’t have a username “admin.”
You could just set up your email to filter out such messages.
I’d be curious to find out how another account on a shared server could hack into your website.