Have a client who is getting the lockout screen. Upon looking at his logs I see the hacker(s) using his legit IP address and his username, mine and othe non-existent names. Is there anything than can be done to keep the client from being blocked or banned if a hacker is spoofing his IP? Not even sure how they would get his IP in the first place.
Attaching screenshot below and the settings are…
How does Wordfence get IPs:
Let Wordfence use the most secure method to get visitor IP addresses. Prevents spoofing and works with most sites. (Recommended)
When I geolocate the IP address it looks like it possibly could be for Google servers used by his host. Is it possible Wordfence is interpreting all logins from the same IP as the server and not the user?
Thanks.
- This topic was modified 2 hours, 10 minutes ago by .
- This topic was modified 2 hours, 8 minutes ago by .