Home › Forums › WordPress Plugins › Hide My WP › Unauthorized login attempts keep comming
- This topic has 7 replies, 2 voices, and was last updated 7 years, 5 months ago by Suman M..
-
AuthorPosts
-
October 20, 2016 at 1:05 pm #12414tntfactoryPost count: 3
Hello,
I have bought, installed and authorized your plugin on my website, but I still get information about unauthorized login attempts. Can you please tell me how can that be possible?
Regards,
ZelOctober 20, 2016 at 1:08 pm #12416Suman M.Post count: 12478Hi, where exactly are you getting information about unauthorized login attempts? And what message so you see there?
October 20, 2016 at 1:11 pm #12417tntfactoryPost count: 3I get the messages from Sucuri Security – Auditing, Malware Scanner and Security Hardening plugin.
Subject: Failed Login
Login Info:
Time: October 20, 2016 12:57 pmWebsite Info:
Site: http://xxxxxxxxxxxx.com
IP Address: 222.231.70.144Notification:
User authentication failed: tntfactoryExplanation: Someone failed to login to your site. If you are getting too many of these messages, it is likely your site is under a password guessing brute-force attack [1]. You can disable the failed login alerts from here [2]. Alternatively, you can consider to install a firewall between your website and your visitors to filter out these and other attacks, take a look at Sucuri CloudProxy [3].
October 20, 2016 at 1:34 pm #12423Suman M.Post count: 12478In HMWP settings, have you enabled these two options?
– Hide Login Page
– Hide AdminIf you have secured wp-login.php with secret keyword, make sure you do not share with anyone.
When you get failed login attempt from Sucuri, does it also tell using which URL someone tried to login?
October 20, 2016 at 1:47 pm #12426tntfactoryPost count: 3Yes, I have setup the plugin, and hided the login and admin. I set the secret keyword, and the email with information from your plugin came to me. So, basically all checks. But yet, I get these notifications, which is kind of frustrating, don’t you think?
Unfortunately, Sucuri does not say from which page the login attempt came.
October 20, 2016 at 3:42 pm #12440Suman M.Post count: 12478Yes, we understand your concern, but we cannot say it specifically until we know when exactly the error is generated, i.e. whether Sucuri sends the above alert when someone actually tries to login or when tries to visit wp-admin or wp-login.php page.
October 20, 2016 at 3:55 pm #12442tntfactoryPost count: 3The thing is, I had at least 30 login attempts since I installed the plugin last night. And, that by itself, is alarm that there is something wrong. This is brand new WP installation, so I am running out of ideas what could cause them to go by your plugin and try to login.
October 21, 2016 at 2:45 am #12449Suman M.Post count: 12478Our question is that, may be Sucuri sends the above alert message when someone tries to access /wp-admin or /wp-login.php and in such case you need not worry as these addresses are no more available.
As Sucuri doesn’t provide with referrer URL we can’t exactly know when the alert is generated.- This reply was modified 7 years, 5 months ago by Suman M..
-
AuthorPosts
You must be logged in to reply to this topic.