0
Answered

Wordpress Login Temporarily Disabled (again)

stevenjbarnes 7 years ago in Blogs and Content Management Systems / WordPress 0
Hi there:

All of my wordpress sites are once again not accessible for login to the admin panel. I am getting the 'Wordpress Login Temporarily Disabled' screen anytime I try to login.

Things were working fine for the past two weeks after I setup the .htaccess files to block all but my ip and a few others. Any help would be appreciated. Here are three of the sites known to be affected/blocked:

psyc304.metaplasticity.com
crestbd.ca
the-kaleidoscope.com

cheers,
steven
Hello Steven, The answer below is the current technical support response for these issues. There has been another Wordpress brute force attack, but this time the security in place has handled most of the problems. I brought your case up to our systems team, and they noted that the server rules did catch your sites as being hit by a brute force attack. The attack was mitigated and access should return to your login shortly. Systems did note that access to your Wordpress admin was available on at least one site and that you should wait and see if the issue continues (typically 15 minutes) with any of the other sites. They requested that if the problem continues that you should contact technical support so that they can mitigate the issue with you on the phone. Please review the message below as it explains the current attack. Thank you for contacting us. You are currently unable to log into your WordPress dashboard due to your site being the target of a distributed brute-force attack that is attempting to guess your WordPress administrator credentials. What you are seeing on the page when attempting to log in is a custom message we have placed in order to explain the attack better rather than a cryptic error message. If an attacker were to gain access to your WordPress dashboard, they would be able to compromise your site and use it in other attacks, access information out of your database, and/or make unauthorized modifications to your site entirely. Note that while this is an inconvenience, this has been done with the best intentions in order to keep your site secure and out of the hands of these unknown attackers. This is currently something targeting a large number of other providers as well, and we’ve attempted to develop a solution that both keeps your site up and running and keeps the attackers out. If you’d like further details, please consult the following Support Center article that will explain this in more depth: What to do in the event of a brute force attack on your Wordpress login. Apologies again for the frustration with the WordPress issues. If you have any further questions, please leave a comment with more details and and we will be happy to review the issue for you. If we answered your question and it's a great solution for you, please make sure to mark the answer as the BEST answer. Or please leave a comment or note of thanks so that we know your issue is resolved or ongoing. Arnel C. Community Support Team