Replies: 0
Hi dear friends.
Since Friday my WooCommerce store is suffering more than 2500 login attempts per day on my administrative accounts.
I have already installed plugins (“WordFence” and “Limit Login Attempts Reloaded”) that limit login attempts by IP, however, the hacker is using a bot that uses 1 IP per login attempt, that is, bot has thousands of different IPs .
I have also installed the plugin “Login No Captcha reCAPTCHA (Google)” which inserts reCaptcha in the WooCommerce login page (/wp-admin), however, this plugin also did not solve the problem, somehow the bot manages to bypass reCaptcha.
And yesterday (07/05) I installed the Jetpack plugin as indicated by WooCommerce support, and activated the plugin’s security system, thinking that the problem would be solved. But unfortunately the bot keeps making thousands of login attempts every day (there were 3,100 attempts yesterday).
None of the 3 plugins mentioned above and Jetpack itself is managing to prevent the bot from relentlessly trying to find my password.
Does anyone have any suggestions that can help me with this problem?
Note: I am using Two-Factor Authentication as a second protection option.