how are they logging in – HMW missing it?

This topic is: not resolved

This topic has 7 replies, 2 voices, and was last updated 9 years, 1 month ago by Suman M..

Viewing 8 posts - 1 through 8 (of 8 total)

Save

Author

Posts
November 23, 2015 at 9:44 am #6034

ams13
Pro
Post count: 47

Hi

I sometimes get backdoor login attempts on to our wordpress site even though the admin url is changed to something unique, and there is no way anyone would know what it is.

I am using HMW and also wordfence. Wordfence send me the report for every failed login.

I will send report in my next message.

How come HMW cannot block these attempted logins?

Please advise.

Thanks

November 23, 2015 at 9:45 am #6035

ams13
Pro
Post count: 47

This reply has been marked as private.

November 23, 2015 at 4:08 pm #6045

Suman M.
Post count: 12478

Hi, are you sure that the login secret code is not known to anyone else. Does wordfence also report the request url from where the login attempt is being made? Also let us know your website URL.

November 23, 2015 at 7:06 pm #6060

ams13
Pro
Post count: 47

This reply has been marked as private.

November 24, 2015 at 4:38 am #6065

Suman M.
Post count: 12478

It possibly could be bots trying to randomly access the websites. It would be difficult to know until we know the source url of this request. Are these requests also logged in HMWP intrusion log (Dashboard >> Intrusions)?

November 24, 2015 at 10:04 am #6071

ams13
Pro
Post count: 47

This reply has been marked as private.

November 25, 2015 at 11:09 am #6088

ams13
Pro
Post count: 47

This reply has been marked as private.

November 26, 2015 at 2:34 am #6096

Suman M.
Post count: 12478

Hi, we’ve noted this down and we’ll definitely come up with the improvement regarding attacks via xmlrpc in the upcoming versions of the plugin. Thanks for reporting.
Author

Posts

Viewing 8 posts - 1 through 8 (of 8 total)

Save

You must be logged in to reply to this topic.