[ad_1]
Hello,
I am using Limit Login Attempts on both my websites and I keep receiving failed login attempts from IPs like [10.30.25.5]), [10.30.25.6]). It knows the correct admin username but also tries “admin”.
Where could this be coming from? ChatGPT said that the fact that the IP is a “private address” suggests the attacker is “within \[my\] local network”. Nobody in my actual local network has any technical knowledge whatsoever. Why is this happening?
Thanks a lot!
[ad_2]
Are you behind a load balancer or reverse proxy? Those are probably the IP’s of the balancer. They usually put the original IP as a forwarded-for header in the http request.