Wordpress Site Lockout Notification??

Last Update: Apr 26, 2013

8
1.4K followers

Yesterday I received an email from my own website and the title said "Site Lockout Notification".

The message was the following:

"A host, 78.85.76.103(you can check the host at http://ip-adress.com/ip_tracer/78.85.76.103) has been locked out of the WordPress site at http://onlinephonenumberlookup.com until Wednesday, April 24th, 2013 at 9:15:46 pm UTC due to too many attempts to open a file that does not exist. You may login to the site to manually release the lock if necessary."

Was this some kind of attempt to hack the website? I know there is a wave of Wordpress mass attacks, but I found this strange and even got a bit worried. The IP indicates that is from Russia, and that someone made too many attempts to try to access something.

I already made the tutorial on the Wordpress safety plugin and applied it, like 2 weeks ago but I find this strange.
Is my site safe?
Is it possible to override the user and password?
Did this ever occurred to anyone?

Now I am a bit relieved, but I would like to know if this ever happened to anyone and if it is a reason to be worried.

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training

Recent Comments

19

I have had lots of site lockout notification emails. What should I do with them? I'm new to blogging and trying to learn things from scratch. thanks for any help! :)

Hi Katy,

I think you should contact site support and let them check whether these are hacker based or otherwise.
https://my.wealthyaffiliate.com/websites/support
Cheers

Hmm, that's not really a hacker attack, but sometimes there are intrusions like that (on wordpress websites) - some 'hackers' try to access the arborescent structure of the directories of your wordpress websites (wp-admin folder is one of the most important, wp-content, the plugins container folder etc), and from there to substract some important information. There are several solutions for such intrusions - making a database audit tracking, which registers who and from where access some files and folders of your website, etc; additionally, some files and folders can be password protected on your server and, if you want more protection, you can search for PHP protecting code in 3 or more stages, triple password protection, automated reporting to server of intrusion attemptings etc. Be aware of some plugins, some 'developers' don't know at all about security on internet, sql injection etc, and it's better to be based only on highly reviewed plugins, in my opinion

Yeah, most issues and most security flaws derive from plugins and themes that are poorly programming (sometimes intentionally) leaving big holes. From our experience the "paid" plugins and themes tend to be the worse, in particular when not developed by a reputable company like Yoothemes.

We do regular audits on people's plugins here at WA (with our hosting) and do fix vulnerabilities behind the scenes within our hosting and regularly will disable plugins (and let people know) if they are creating a security threat or abusing the load times of that particular site.

Haven't been affected. Heard about the iPage and Wordpress a week or so ago.
Thank you for the heads up, so we can be aware. Have good names and passwords, different for each of my sites. I will put the url below in my reference box just in case.

I recommend you follow the Wordpress Security Plugin Tutorial here in WA. I did it and I trust it... so far :D

Thank you for the advice. Will do. :O

Here is a good thread on this:

http://wordpress.org/support/topic/what-is-this-locked-out-too-many-attempts-open-file

Likely relational to your theme or a plugin that has been "poorly" programmed, this is typically the result of the "paid" plugins out there as many of these are outsource jobs by folks that should not be developing any sort of software.

yeah it's nice to know about that! I already had a chat in the WA chat with David and I was relieved! It's not that dangerous, and I backup my website every week, so I guess I am ok. My password is 15 characters long and I have the Wordpress Security Plugin well config, so I guess I am good ;)

Here, check it and make sure it is clean http://sitecheck.sucuri.net/

already checked it and everything is OK! but this hacker stuff just leaves me a bit unsafe... When I said in the post that I was relieved, it was because I thought they can't override the user and password to access the website, well, but you never know....

You have changed your login from Admin, right? If not let me know and I will send you some info on how to do it. :)

First thing I'd do is block the IP, the IP is also related to forum SPAM.

How can you do that? If you know please explain me step by step because I don't know how to do that... :P

So far, I haven't had this happen...like they mention in the comments below, I'm sure Kyle or Carson will know what to do. Hope everything turns out well!

yes pedro you need to get it from the big guys Kyle or Carson they won't let you go astray, they good Guys
not happened to me yet but good to know what to do from them if it does, to be on safe side

If you see Kyle or Carson come on then ask them and see if you need to put in a support ticket.

I don't know what to say Pedro... but I would ask Kyle, Carson or Jay... they would likely know for sure... You might also post the question in live chat... Kyle or Carson might be around there.

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training