Too many failed login attempts - is it a hacking attack?

BettingMalta

Hello guys,

I'm receiving a lot of alert messages about failed login attempts. It seems to be an attack and, as you can see from the text below, I'm using WordPress.

Any suggestions on what is happening? What should I install (security plugins for WordPress)?

[] Too many failed login attempts

From WordPress Date Fri 06:12

16 failed login attempts (4 lockout(s)) from IP: 121.54.32.99
Last user attempted: test
IP was blocked for 24 hours


Thanks for your help
 

DaftDog

I assume you are using Wordfence and that is how you are receiving these notifications. This is not really anything to be too worried about as long as you have a very good password. I would perhaps extend the blocking period to a month to keep the riff-raff out. These bots search the web for WordPress sites with weak passwords.

They also search for vulnerable plugins and themes, so always make sure all your software is up to date.
 

BettingMalta

> I assume you are using Wordfence and that is how you are receiving these notifications. This is not really anything to be too worried about as long as you have a very good password. I would perhaps extend the blocking period to a month to keep the riff-raff out. These bots search the web for WordPress sites with weak passwords.
>
> They also search for vulnerable plugins and themes, so always make sure all your software is up to date.


Thx ixian for your feedback,

I receive the alerts from this plugin:
Limit Login Attempts Settings
 

roey

I use Sucuri. 16 in 24 hours isn't so bad tbh, I can wake up to 30 emails with failed logins and more will pop up throughout the day.

Test, admin, yoursitename: all generic bot attacks.

Keep a strong username and password. It's the successful logins you want to be afraid of, the ones when you know it wasn't you.

Korea and Russia seem to be where the attacks are coming from in my case.
 

LandofOz

Hello ReLeone. I get these all the time. They are automated login attempts.

Firstly, I would change the settings of the Limit Login Attempts plugin to something like:

Lockout 3 allowed retries
1440 minutes lockout
2 lockouts increase lockout time to 9999 hours
9999 hours until retries are reset

Secondly, I'd add the SI CAPTCHA Anti-Spam plugin, which is another field that the hacker must enter into the login form. An automated program will not be able to read it.

Thirdly, I'd add the Stealth Login plugin, which is another PIN / Password field that the hacker must know to access your dashboard.

Fourthly, I'm also using the Rename wp-login.php plugin, which completely hides the /wp-admin/ folder.

Fifthly, you can also password protect the /wp-admin/ folder via the .htaccess file.

The first 4 plugins should be enough though.

I'd also recommend installing a couple of firewall plugins to safeguard your site against other hack attempts.
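
An added example, not part of the original posts and not code from any of the plugins mentioned: a log check that ties together the retry threshold suggested above and the earlier point that a successful login you did not make is the event that matters. It assumes a stock wp-login.php, where a POST answered with 200 is a failed login and one answered with 302 is a successful one; `summarize_logins` is a hypothetical name and the log lines are constructed.

```python
import re
from collections import defaultdict

# Matches the start of an Apache/nginx combined-log line.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [10/Apr/2015:06:10:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '203.0.113.7 - - [10/Apr/2015:06:10:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '203.0.113.7 - - [10/Apr/2015:06:10:05 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '198.51.100.4 - - [10/Apr/2015:06:11:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3120',
    '198.51.100.4 - - [10/Apr/2015:06:11:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
    '192.0.2.10 - - [10/Apr/2015:06:12:00 +0000] "GET /wp-login.php HTTP/1.1" 200 3120',
    '192.0.2.10 - - [10/Apr/2015:06:12:04 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
]


def summarize_logins(lines, allowed_retries=3):
    """Return (lockout_candidates, success_after_failures), both keyed by IP."""
    failures = defaultdict(int)
    success_after_failures = {}
    for line in lines:
        m = LINE.match(line)
        if not m or m["method"] != "POST":
            continue  # only form submissions count as login attempts
        if not m["path"].split("?")[0].endswith("/wp-login.php"):
            continue
        ip, status = m["ip"], m["status"]
        if status == "200":
            # Assumption: the login form was shown again, so the login failed.
            failures[ip] += 1
        elif status == "302" and failures.get(ip, 0) > 0:
            # Assumption: redirect means success; it followed failed guesses.
            success_after_failures[ip] = failures[ip]
    lockouts = {ip: n for ip, n in failures.items() if n >= allowed_retries}
    return lockouts, success_after_failures


if __name__ == "__main__":
    locked, suspicious = summarize_logins(SAMPLE)
    print("lockout candidates:", locked)
    print("success after failed attempts:", suspicious)
```

An address in the second result is worth checking against your own login history before anything else.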
 

BettingMalta

Thx roey and LandofOz,

Another 2 questions for you all:
- does the installation of multiple security plugins reduce the loading speed of my website?
- what kind of plugin do you use for the full security of your WordPress website? (antivirus-firewall-login protect-etc)

Thx
 

LandofOz

> - does the installation of multiple security plugins reduce the loading speed of my website?

It depends on your server/hosting service and the plugins. I have many more plugins installed and haven't experienced a reduction in the site's speed.

> - what kind of plugin do you use for the full security of your WordPress website? (antivirus-firewall-login protect-etc)

The best overall one is Wordfence, but it is resource intensive, so you might get an email from your hosting service about it.
 

Mark Wright

Use iThemes Security. That plugin does it all (as well as renaming your wp-admin and wp-login files so hackers can't access your login screen).
 