My Website Security Critical Problem

There are numerous unsuccessful login attempts, which is my website’s security concern. And therefore can you recommend the best plugins for security and performance?

1 Like

Your website doesnt have a login section.

Also your website uses a permanently-expanding design with a footer. Very annoying design choice.
It fails to comply with GDPR requirements about consent for accepting cookies, despite trying to talk about GDPR requirements on the privacy page.

You might have other things to worry about besides phantom logins.

It’s a Wordpress site. I guess someone it trying to brute-force the Admin login.
It maybe would have been worth mentioning it’s Wordpress, if you want recomendations for plugins.
I had a problem a while back with an OpenCart site, they were trying to brute-force the admin. They never got in, but the many attempts per second were taking its toll on the server.
When I checked the access logs, I found they switched the IP on every request, so it wasn’t as simple as just blocking one or a few IPs, there were hundreds or thousands.
I ended up blocking them by user agent, not something you would generally advise as it affects anyone using that browser. But fortunately in this case it was always the same one which was a very old, obsolete version of either Chrome or Firefox (I don’t recall which) that very few people are likely to be using.
Another way would be to whitelist IPs that may have access, if you are on static IPs.

Being WP, there may well be plugins available to help security, with 2FA etc. Though in my case, when never getting in, the serrver took a hit from the volume of attempts before I stopped them.

I can’t see the link to your website so can’t do an audit. Others have mentioned it’s a wordpress site.

When I create a new website using WordPress always select to install loginizer. It just blocks the IP after a few wrong passwords are entered. This would be enough to deter bots, but not someone who really wants to get inside your website.