Authorizer login disables with stronger lockouts
-
Hi Team,
I need help regarding the Authorizer plugin. The plugin works well in all aspects, but I am facing some issues.
My website is facing a Bruteforce attack(ie, random user logins are carrying out with non-existing user names(I checked them against our ldap) and some usernames already existing, but they were blocked by your auth_settings_advanced_lockouts_failed_attempts meta value.).Whenever a failed attempt occurs, auth_settings_advanced_lockouts_failed_attempts in wp-options table increments and all users who try to log in to the website is blocked saying “There have been too many invalid login attempts for the username” even if the user tries with the correct credentials. The user who carries out a fresh login with correct credentials is blocked by this. How can I resolve this?
Any help would be appreciated. Thanks in advance.
-
Hi Paul,
I tried Ithemes security plugin, it works well but there is no effect of this plugin along with the authorizer lockout feature. So how can I disable this feature?
I could see a section like this, but not sure how to disable this.
After 10 invalid password attempts, delay further attempts on that user for 1 minute(s). After 10 more invalid attempts, increase the delay to 10 minutes. Reset the delays after 120 minutes with no invalid attempts.
- The topic ‘Authorizer login disables with stronger lockouts’ is closed to new replies.
