Viewing 3 replies - 1 through 3 (of 3 total)
  • Hi @neschner

    Enabling the Security Digest email is an option. The disadvantage is that other emails also won’t get sent.

    It’s probably better to check in the Logs page what type of brute force attack (usually login page or xmlrpc) is generating the “admin” invalid login attempts.

    Then configure/enable plugin features that prevent that type of brute force attack.

    +++++ To prevent any confusion, I’m not iThemes +++++

    • This reply was modified 2 years, 10 months ago by nlpro.
    Thread Starter neschner

    (@neschner)

    How should an admin login be prevented? I have already checked that “admin” logins are automatically host banned. That’s the reason the email gets generated.

    This is my log of the “admin” login. What could be done to prevent this, so as not to get 20 mails every day?

    id               => 85423
    module           => brute_force
    type             => notice
    code             => auto-ban-admin-username
    timestamp        => 2021-08-16 05:27:39
    init_timestamp   => 2021-08-16 05:27:38
    remote_ip        => 162.55.53.198
    user_id          => [empty string]
    url              => 
    memory_current   => 78468880
    memory_peak      => 79869296
    data             => Array
        details    => Array
            source                 => wp-login.php
            authentication_types   => Array
                0   => username_and_password
        user       => Object WP_Error
            errors       => Array
                invalid_username   => Array
                    0   => Unbekannter Benutzername. Überprüfe ihn noch einmal oder versuche es mit deiner E-Mail-Adresse.
            error_data   => Array()
        username   => admin
        SERVER     => Array
            REQUEST_METHOD         => POST
            SERVER_PROTOCOL        => HTTP/1.1
            SCRIPT_FILENAME        => /home/www/wordpress/wp-login.php
            REQUEST_SCHEME         => https
            HTTP_CONNECTION        => close
            HTTP_ACCEPT_ENCODING   => gzip
            CONTENT_TYPE           => application/x-www-form-urlencoded
            CONTENT_LENGTH         => 98
            HTTP_USER_AGENT        => Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
            HTTP_HOST              => 
            HTTP_AUTHORIZATION     => [empty string]
            HTTPS                  => on
            REQUEST_TIME_FLOAT     => [double] 1629091658.1929
            REQUEST_TIME           => [integer] 1629091658

    Below the part that tells you that the (admin) brute force attempt seems to be done through the login page:

    source => wp-login.php

    So enabling the iTSec plugin Hide Backend feature (if not already) could help prevent the login attempts. It depends a bit on whether you have a WordPress Dashboard login link on your home page or not. If so, there is no point in enabling the Hide Backend feature ;-)
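
As an added example (not part of the thread and not iThemes Security code), a small Python parser for log details in the layout posted above: it tallies brute_force entries by `source` and `username`, which shows which entry point is generating the notifications. The sample entries are constructed, and the `xmlrpc` source value is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the "key => value" layout of the log entry above,
# trimmed to the fields used. The source value "xmlrpc" in the second
# entry is an assumption; the thread only shows wp-login.php.
SAMPLE = """\
id          => 1
module      => brute_force
data        => Array
    details    => Array
        source   => wp-login.php
    username   => admin
id          => 2
module      => brute_force
data        => Array
    details    => Array
        source   => xmlrpc
    username   => admin
"""

LINE = re.compile(r"^(\s*)(\S+)\s*=>\s?(.*)$")
NESTED = re.compile(r"(Array|Object \S+)$")  # values that open a nested level

def parse_entries(text):
    """Flatten each entry's nested keys into dotted paths (data.details.source)."""
    entries, stack = [], []  # stack: (indent, key) of the open nested levels
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        indent, key, value = len(m.group(1)), m.group(2), m.group(3).strip()
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if key == "id" and not stack:      # a top-level id starts a new entry
            entries.append({})
        if not entries:
            continue
        if NESTED.match(value):
            stack.append((indent, key))
        else:
            entries[-1][".".join([k for _, k in stack] + [key])] = value
    return entries

def summarize(text):
    """Count brute_force entries per (source, username) pair."""
    return Counter((e.get("data.details.source", "unknown"), e.get("data.username", ""))
                   for e in parse_entries(text) if e.get("module") == "brute_force")

print(summarize(SAMPLE))
```

The parser works on relative indentation, so a dump pasted with a uniform leading indent gives the same counts.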

  • The topic ‘admin login notification’ is closed to new replies.