Brute force solution not working
I've tried the htaccess solution with both domain and IP methods but I've had no success in gaining access to my blogs (5 or 6 on our site). Should the .htaccess file go in the home directory of the blog (which is what I've been doing), the wp-admin directory of the blog, or the public_html root of the site? This is very frustrating.
I apologize for the issues with your websites. I gather that you had followed our guide on <a href="http://www.inmotionhosting.com/support/edu/wordpress/lock-down-wordpress-admin-login-with-htaccess" target="_blank">how to lock down WordPress admin login with .htaccess</a> based off the rules I'm seeing in your files.
Each <strong>.htaccess</strong> rule would need to be placed in the installation directory of your WordPress website. So if you installed WordPress in a addon domain <strong>example.com/wordpress</strong> for instance, the <strong>.htaccess</strong> rules would be placed in <strong>/home/userna5/public_html/example.com/wordpress/.htaccess</strong>.
There was a <a href="http://www.inmotionhosting.com/support/news/general/wp-login-brute-force-attack#referer_error" target="_blank">.htaccess referer error</a> published for a short time, where our publishing platform stripped a space from the rules, rendering them incomplete.
I went ahead through all of your websites and corrected that for you. Sorry once again for all the troubles. Please let us know if you still are encountering any issues at all.
Like this Question? Tweet