The solution to the problem of using Wordfence to protect WordPress websites and causing administrators to be unable to log in to the backend

As the title indicates, when I logged into the WordPress backend today, it prompted "Your access to this website has been temporarily restricted by the website owner." Yes, I limited myself. . . Because I entered caps lock when logging into the backend, I entered the wrong password, and then the WordPress plug-in Wordfence automatically prohibited me from continuing to log in to the backend for operations.

The reason why I set this up is because one of my websites has been successfully cracked by brute force. Even now, people are trying to log in to the backend of the website using different administrator usernames every day. Therefore, I added the WordFence plug-in to all WordPress backends to protect this important asset of the website.

So, I have limited myself, what should I do?

The solution to the problem of using Wordfence to protect the WordPress website and causing the administrator to be unable to log in to the backend

Method 1: Wait. When setting the lock, Wordfence will let you choose the lock time. If the "user locked time" you choose is shorter, such as 5 minutes, then you can refresh the page and log in again after 5 minutes. If the lock time you set is very long, say 1 year, then please use method 2.

Method 2: Change IP to log in to the backend. Wordfence locks your current IP address. You can switch IP addresses, such as changing computers or mobile phones, or using tools to switch to foreign IPs, refresh the page and log in to the backend again, then on the Wordfence - Firewall - Blocking page, find and select your IP address, and then select "Unblock ". Then you can switch to the original IP address and log in to the background again. As shown below:

You can add or modify account locking rules in the Settings option of Wordfence – All Options – Strong Protection, including the number of failed login attempts before locking the account, the number of attempts to forget the password before locking the account, and the lockout duration. At the same time, you can check "Lock invalid user names immediately" to protect your website. For example, in the picture above, if someone tries to use the user name "test@test.com" to log in to the backend of the WordPress website, then WordFence will immediately lock this person's The IP address is locked and he is prohibited from accessing the website again.

Wordfence is quite powerful for protecting our WordPress website. recommend.

In addition, it is also strongly recommended to modify the default backend login address of the WordPress website and the default user link address of the administrator to better protect your website.

Recommended site search: host domain name, Alibaba Cloud free virtual host, registration website, free space, personal free space, server high defense Hong Kong, virtual space, virtual host service provider, icp registration query, permanent free cloud server in mainland China Recommended