No traffic is showing on my dashboard, but I’m getting 6-8 attempted logins each hour. Everything is showing as properly configured.
Where is it?
They are attempting to access the /WP-login.php page of my site. I am getting notifications via email and seeing live traffic.
Are you able to find out the source IP address of the login attempt?
Yes, there are several. What’s concerning is that cloud flare shows no traffic incoming at all for this account. None. Not a single hit. I can’t block what they don’t see.
By performing an IP lookup, were those IP addresses came from Cloudflare (ASN 13335)?
I don’t understand the question. The IP addresses are being reported to me by wordfence, a security plugin for random hack attempts. Cloudflare is reporting zero visits to the site, yet there are clearly many visits.
A user with IP address 188.8.131.52 has been locked out from signing in or using the password recovery form for the following reason: Used an invalid username ‘reliccars’ to try to sign in.
The duration of the lockout is 2 months.
User IP: 184.108.40.206
User hostname: 220.127.116.11
User location: Phnom Penh, Cambodia
This is what happening to you right now.
If the attackers already know the real IP address of your server, they can simply launch an attack directly to the server without even Cloudflare knowing.
What you need to do is to configure firewall IP whitelisting on your server so that only Cloudflare IPs can communicate with your server but not others.
Thank you so much - I appreciate your help. I’m still confused why Cloudflare isn’t showing any traffic, though. Not even normal traffic. It’s completely zeroed.
Have you enabled proxy ?
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.