[ad_1]
I get attempts like this daily
What do I do:
A user with IP address 18.156.192.119 has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: ‘admin’.
The duration of the lockout is 4 hours.
User IP: 18.156.192.119
User hostname: ec2-18-156-192-119.eu-central-1.compute.amazonaws.com
It seems like you’re experiencing repeated unauthorized login attempts on your website. Here are some steps you can take to enhance security and prevent these attempts:
Implement a Strong Password Policy
Enable Two-Factor Authentication (2FA)
Limit Login Attempts
Monitor User Activity
Use Smart Lockout Features:
Update Security Regularly
Security Plugins
Educate Users
If you want then I will help you solve this problem
This happens all the time. It’s bots. Get All In One Security, Wordfence, or any other security plugin.
Looks like brute force attack, You can get this auto blocked by firewall, Do not use standard admin or simple password. Change the location of admin login there are plugins that can help you do so e.g hidemywpghost . As suggest use 2FA which is effective as well.
Keep in mind, once you increase your security with 2FA, WordPress and login limits you will still get 1000’s of attacks but at least your site is 99.9% locked.
Cloudflare WAF rule, block the ip address or a range or its ASN.
configure blocking to activate on less amount of failed attempts, and set up 2fa if your login page is getting targeted so often.