Site Lockout Notification

  • Unknown's avatar
    victoria347 · Member ·

    I’m receiving a ton of site lockout notifications. Some are notifying of a ‘user’ and others are ‘a host’ with an IP Address. Is it possible to find out the IP address for a ‘user’? How can I ban the ‘user’? They are trying to get into the backend of the site and keep getting locked out due to too many attempts with the wrong password code. Thanks for your help. I’d like to get to the bottom of this as quickly as possible.

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    dave2swords · Member ·

    Hello

    I’m receiving a ton of site lockout notifications. Some are notifying of a ‘user’ and others are ‘a host’ with an IP Address. Is it possible to find out the IP address for a ‘user’? How can I ban the ‘user’? They are trying to get into the backend of the site and keep getting locked out due to too many attempts with the wrong password code

    I would ask Bluehost if the emails are legitimate to start, since that is where your site is hosted. They may be able to help you with this.

    At the very least, change your password to a really strong one, the guidelines at:
    https://www.howtogeek.com/195430/how-to-create-a-strong-password-and-remember-it/
    might be useful.

    For help with the WordPress software you are using at Bluebost, you should ask at https://wordpress.org/support/

    https://en.support.wordpress.com/com-vs-org/ explains the differences between self-hosted and sites hosted at WordPress.Com
    https://codex.wordpress.org/WordPress_vs_WordPress.com is a more who is who explanation.

    best,
    davve

  • Unknown's avatar
    victoria347 · Member ·

    Thanks for your quick response. I’ve checked with Bluehost and the emails are legit. But they referred me back to WordPress in trying to find who the “user” is and how to eliminate them. I did change my password also.
    I’ll go to WordPress support to check further.
    Thanks again.

  • Unknown's avatar
    drjburrito · Member ·

    You are welcome!
    d

  • Unknown's avatar
    victoria347 · Member ·

    Unfortunately, I’m back asking once again if I can ban, delete, or whatever, a “user” that is definitely trying to hack into my site. I keep getting multiple site lockout notifications that a “user” has tried unsuccessfully to get in. I’ve changed my password , added Wordfence for added security. And still would like to know if it is possible to find out who the user is and ban them once and for all. Thanks for your help. V

  • Unknown's avatar
    drjburrito · Member ·

    Hello again!

    I am sorry that you are continuing to have these difficulties.

    Do you have an email address or some identifying information for the “user”?

    If they are trying to access your site from the “backend”, that is outside of the WordPress part of the equation. Bluehost may have a way of tracking such attempts, but they do not appear very responsive in this situation.

    If they were trying via one of the established user roles (Owner, Administrator, Editor, or Contributor), or as a commenter, then there are plugins available that you could install that can prevent users from accessing your content.

    Again, the help available here is intended only for content hosted here at WordPress.Com, as mentioned in my first reply. The WordPress.Org support may well have a better solution than what is available here.

    The URL for the .Org support, for your convenience, is:
    https://wordpress.org/support/

    Good luck!
    dave

  • The topic ‘Site Lockout Notification’ is closed to new replies.