[HELP] WP Rocket detetect unauthorized login

Hello to all,
today I received warning from WP Rocket firewall, the IP has been lockout 'cause exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: ‘admin’.
I searched in the global IP db and the IPis assigned to 13335 - CLOUDFLARENET DB-IP link

Someone can gimme more info?

You are likely using Cloudflare, and have not set up proper logging/configuration of the proxy headers, so this would be normal and expected as all inbound traffic flows through Cloudflare. If this is the case, check your security package for an option to use proxy headers to identify IP addresses.

It is also possible that a Warp user connected through Cloudflare, if so, this connection would originate from Cloudflare as well.

Hi, I am little confused, I have configured wordpress and wp rocket for use cloudflare, but strange the firewall block an ip that tried to access by wp-admin, now I have change login address with hide login plugin.

Maybe I understood, i enable the Cloudflare “CF-Connecting-IP” HTTP header to get a visitor IP in wf settings.

I also get the same issue on my site LOG.NG …someone please help with a fix

This topic was automatically closed after 14 days. New replies are no longer allowed.