backtofront Posted February 20, 2017 Share Posted February 20, 2017 I have a couple of Wordpress sites and a problem with a probe looking for the log in account details. I use Log In Lock which blacklists the IP address. But the probe switches to another. Switches to multiple IP addesses. So many I assume it is merely cloaking the IP address it is using and fooling the plug-in. So I remove the Wordpress log in file. That works for awhile. But more often than not it counters that move and somehow keeps triggering the Log In Lock feature. Any ideas on how to deal with it? Link to comment Share on other sites More sharing options...
KittenKong Posted February 21, 2017 Share Posted February 21, 2017 You need to install a plug-in that changes your admin login page to a hidden URL permanently, like WPS Hide Login. That will normally stop bots from finding it. And look at using a better security plug-in generally. Link to comment Share on other sites More sharing options...
backtofront Posted February 21, 2017 Author Share Posted February 21, 2017 Will do. The bit I don't understand is how the bot triggers the plugin after I remove the wp-login.php file entirely. I must be missing a step. What other precautions should one be installing? Link to comment Share on other sites More sharing options...
KittenKong Posted February 21, 2017 Share Posted February 21, 2017 2 hours ago, backtofront said: Will do. The bit I don't understand is how the bot triggers the plugin after I remove the wp-login.php file entirely. I must be missing a step. What other precautions should one be installing? You dont remove the file. The plug-in just prevents access to it, and only allows access via another URL of your choosing. ie something like "mysite.com/mysecretURL". Read the instructions. Some other things to do are to not have a user with id 1, not to use the username admin, to always use display nicknames rather than login usernames, and increase password strength. Decent security plug-ins will handle most of that for you. Search for "security" in the WP add plug-in screen. Many have millions of users. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now