So I just found that out after removing the "Smart Captcha Solve" virus manually from my website (no plugins worked, sadly; even Wordfence couldn't detect that virus before). I got notifications from Wordfence that someone is trying to log in to my account, and some actually did, but it blocked those attacks. Are those hackers trying to get unauthorized access again? What should I do? I see every bot tries logging on to /xmlrpc.php, which seems to be an attack from hackers. I enabled a plugin that disables xmlrpc.php.
Here are some recommendations:
If possible, enable MFA in WordPress. This will block password-based login attempts altogether. You can find the option in Wordfence here:
/wp-admin/admin.php?page=WFLS#top#manage
Then I recommend disabling XML-RPC auth. Visit
/wp-admin/admin.php?page=WFLS#top#settings
and check “**Disable XML-RPC authentication**”
If you set up MFA, then also make sure “**Require 2FA for XML-RPC call authentication**” is set to “**required**”.
Another thing you can do is mess with the brute force settings in Wordfence here:
/wp-admin/admin.php?page=WordfenceOptions
On this page, there is a section “**Brute Force Protection**”
Here you can configure how soon a person is blocked by Wordfence. I recommend lowering the thresholds and increasing the timeout period.
Something like:
“Count Failures over” 6h
“Lockout for” 6h
“Lock out after how many login failures” and “Lock out after how many forgot password attempts” to 10 or so (too low and you may block yourself)
These above measures will ensure you are safe.