Frequent Failed Login Attempts & Blocked IPs in Wordfence (Is My Site Secure?)
Frequent Failed Login Attempts & Blocked IPs in Wordfence (Is My Site Secure?)
[ad_1]
I’m seeing a lot of failed login attempts and blocked IPs in Wordfence. Why are so many people trying to log in to my WordPress admin, and how can I secure my website better? Should I be worried?
Disabling xmlrpc will reduce the amount of logins – you can do that in Wordfence > Login Security > Settings tab, tick “Disable XML-RPC authentication”
I also recommend setting up country blocking rules in the Cloudflare WAF – there’s a certain group of countries (which you can see in Wordfence > Tools) that only send junk traffic – doing that will usually stop ~90% of malicious traffic.
It’s just bots. It’s normal.
Disabling xmlrpc will reduce the amount of logins – you can do that in Wordfence > Login Security > Settings tab, tick “Disable XML-RPC authentication”
I also recommend setting up country blocking rules in the Cloudflare WAF – there’s a certain group of countries (which you can see in Wordfence > Tools) that only send junk traffic – doing that will usually stop ~90% of malicious traffic.