With the security plugin installed, the feature of logging “failed login” is running all the time.
Due to the settings of current login on fbu site, every login, either by valid user or by hacker, is considered failed. So every login is recorded in the “failed login” log.
As a result, the total records, as of 9/4/2022, were 2,119,337
And it was way much higher than the security plugin can handle. So the “Failed Login Records” could not be displayed in the plugin’s UI.
The huge number of records not just prevents the security plugin function properly on displaying the failed login records, but also prohibits some functions of phpMyAdmin. So it was not possible to delete the failed login records in batch.
At the end the SSH connection to the server was used to delete in batch records of old logs.
And the total records were dropped to only around 3,000
After cleaning, the security plugin can now display the failed logs normally.
With the properly shown “failed login” records, it can be tracked how serious the website is with the attempted hacks.
And need to keep an eye on the record number. Remove old records when the number is going too high.
fbu dot EDU site, “wp_aiowps_failed_logins” table size before and after removing old records
| rec # | table size | |
| Before | 2,119,337 | 114.7 MB |
| After | 3,089 | 188 KB |
fbu dot ORG site, “wp_aiowps_failed_logins” table size before and after removing old records
| rec # | table size | |
| Before | 1,073,447 | 60.9 MB |
| After | 1,199 | 70.8 KB |
“Failed Login Records” displays properly after the log table is slimmed down to the acceptable size.