Yesterday got lots of ‘Failed WordPress login attempt by’ email notifications, 14 emails, showing total of 170 failed login attempts. When I look up the IP address, they are all originating from Cloudflare.
I use Limit Login Attempts Reloaded Plugin on my Wordpress site. I haven’t changed anything, all was fine before. Since getting the emails, I’ve gone and updated anything which needed updating on my site, but still getting emails. What is going on? I need help to get this to stop please.
Do you have an example of one of the IPs?
Sure, here is a selection from today’s attempts
172.69.68.174
172.69.70.95
172.70.131.180
172.70.130.161
172.70.131.222
172.69.69.176
172.69.69.16
Thank you!
They’re from IP Ranges so they’re origin fetches - if you’re not using Cloudflare then it could be something like people using Cloudflare Workers.
You would be able to tell since there’ll be a CF-Worker header present on those requests.
If you are using Cloudflare, are you restoring original visitor IPs?
1 Like
I started using Cloudflare a month ago, so don’t know why these notifications have started coming through. Cheers
Hi, I started using Cloudflare a month ago. I am a very basic user and followed their instructions on how to activate my free SSL. I didn’t see any information about having to restore original visitor IPs. I don’t even know what that means but will take a look at the link you kindly provided. Thanks
Just realised that I don’t even know what webserver I’m using, would I find that out at my hosting people (TSOHOst)? I’m such a novice…
Also, no one has to login at my website, it is purely to advertise my Graphic Design business. So the fact this is blocking attempted logins, does this suggest attacks?
Bot probes, most likely, not anything targeted. It’s normal. I get Wordpress login probes every day and I’m not even using Wordpress. Make sure you have a good password.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.