Unable to login to Wordpress site

wordpress

#1

I’ve been unable to login to both my wordpress blogs. Can’t even request a new password. Wordpress says it’s due to a Brute Force attack that they have nothing to do with. So they referred me to my host(DreamHost). What would be the next step to approach this issue?

Thanks

http://wordpress.org/support/topic/brute-force-attacks-and-wordpress?replies=2


#2

Can you describe what happens when you try to log in?


#3

nothing happens at all. Not even a ‘sorry incorrect login’ statement. the username and password field just blanks out so I can try again. I contacted wordpress about that, and they insisted it was a Brute Force attack issue that has to do with the host.


#4

Hi, I wrote the post you linked to :slight_smile: If it had been DreamHost blocking your login (which we aren’t doing by the way) then you would have gotten an error message. (Also the WordPress forums are the world of free volunteers.)

That particular error isn’t normally associated with the DDoS we had a couple days ago. Have you tried disabling your plugins via FTP?


#5

No I haven’t done that yet. I’ll try that.
[hr]
So since you wrote that post, you’re confirming that it’s NOT Brute Force?
Just checking.


#6

I’ve attempted to remove all the plugins under my domain. I’ve removed most plugins, but now I’m getting the error:

rmdir()[function.rmdir]: 550 /jtmovieblog.com/wp-content/plugins/podpress/optional_files/podpress_trac:Directory not empty in
home/webftp_dh/webftp.dreamhost.com/plugins/access.ftp/class.ftpAccessWrapper.php (l.157)

I tried to delete the podpress_trac folder from within the directory, but no avail. It actually IS empty.

What does this error mean???


#7

I can delete that for you, however I noticed you also have wp-phpmyadmin installed.

Personally that’s something I would never install on any server because it’s asking WordPress to do a job it shouldn’t do (like using a hammer to drive in a screw - You can, but …). Also, that plugin is known to be insecure and isn’t available on WordPress.org anymore because of it. I’ve removed it as well, just under my ‘Security Nerd’ hat.

Now I can get to jtmovieblog.com/wp-login.php so I think you should be okay. if not, please open up and ticket (you can link back to this thread in it so we know what’s gone on before) :slight_smile: