If you’re visiting this page, most likely it is because you have been locked out of your WordPress site and cannot login. In this tutorial, we’ll explain exactly what has happened and how you can regain access.
Why has my WordPress Dashboard been blocked?
Access to your WordPress Dashboard has been blocked because our systems have detected a possible attack against your site. We have blocked access to prevent the hackers from continuing to target your website.
How long will this block be in place?
The block will be in place for usually 15 – 20 minutes. This means that neither the hackers nor yourself will be able to access your WordPress Dashboard. After the 15 – 20 minutes has passed and the block has been removed, the login page for your WordPress website will be available again. This also means however that hackers can once again target your site, cause the block to occur, and the vicious cycle to continue. This can be frustrating if you’re trying to login, we understand, and we’d like to help you permanently resolve this issue.
How can I fix this issue
There are generally two things you can do to fix this issue for the long haul. The first option is to hide your WordPress login URL from hackers. They won’t know where to try to login to your site from, and the blocks should stop. The second option requires you to edit your .htaccess file (can be difficult if you’ve never done it before).
OPTION #1 – Hiding my WordPress login page – RECOMMENDED
As explained above, if you hide your WordPress login page, hackers won’t be able to find it. If they can’t find it, they can’t bruteforce your website and try to attack it! Problem solved!
To hide your WordPress login URL:
- You must first wait for the block on your WordPress login page to be lifted. It usually lasts roughly 15 – 20 minutes.
- After the block has been lifted, follow the steps in this article to change / hide your WordPress login page from hackers.
OPTION #2 – Block ALL access except your own IP address – ADVANCED
If you’re familiar with editing files and you’re comfortable with editing your .htaccess file, you can follow the steps in this article to block all IP addresses except your own to your WordPress login page. This will stop hackers from reaching your login page all together.