Cookie slug leeds to 127.0.0.1 seems not accepted since last update?!

Hi @shaady4,

The below solution works it is not changed make sure you add it before wp-settings.php added.

define('AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION', true);

Thanks, but is there any logic explanation of why it destroys itself all the time?

Hi @shaady4

Sorry not getting here but destroy itself means the wp-admin start to redirect to 127.0.0.1?

If you have enabled cookie based brute force. you should try access with secret word so {site_url}?{secret_word}=1 It will save cookie in your browser for 24 hrs the again after 24 hrs it will start redirect to 127.0.0.1 and you can access with {site_url}?{secret_word}=1 only.

If you are asking why after 24 hrs it needs to access with the secret word then it is for security.

Regards

That’s not what I meant. I’m familiar with how that feature works. I understand that I need to visit the URL to retrieve a pack of cookies ??, but the complete functionality breaks down. For instance, if I access the correct secret word, like ‘/?someword=1’, it doesn’t recognize the input and redirects me to the localhost, i.e., 127.0.0.1. It usually happens after an update of the plug-in. If I do reset it as described above it usually works again but then after some time.

Hi @shaady4

Okay, if there is an update it stops working cookie-based brute force prevention is generally not the case. It needs to be checked that wp-content\uploads\aios\firewall-rules\settings.php file do have any thing changed after update.

If possible take a backup of that file install WP Rollback plugin and downgrade the AIOS plugin version and then update to the latest and cross-check if that file got changed aios brute force related anything.

Regards

It happend again….

Recently, I encountered an issue where my website’s wp-login.php page displayed a White Screen of Death (WSOD) after temporarily disabling your plugin by renaming the plugin folder to ‘disabled.yourreallylongfoldername’ via FTP. After doing this, I was able to log in successfully.

It appears that something goes awry in a seemingly random manner, almost like a ‘now this, then that’ scenario, as opposed to a more predictable ‘if this, then that’ situation. I hope that analogy makes sense!

If anyone has any suggestions or insights related to this specific issue, I’d greatly appreciate it. Thank you!

Hi @shaady4

As said before do you have backup of the wp-content\uploads\aios\firewall-rules\settings.php file?

If yes can you share it with https://pastebin.com/ using burn after read option.

If the page is white is it 403 forbidden or 500 error showing ?

If 403 is forbidden it might be due to AIOS firewall rules. If 500 errors it might be due to an error please cross-check error log if enabled.

Regards

I sincerely apologize for not addressing the error earlier. As per the console logs, it clearly indicated that the WSOD was, in fact, a 403 error.

Certainly, I have a personal preference for not using Pastebin, and instead, I’ve devised my own solution. I’ve limited the download rate to a maximum of 1, so I kindly request other readers to refrain from clicking on this link to the actual file. I know it is tempting so, click here instead, if you are not the one who is giving support ?? .

Thanks!

Hi @shaady4,

If I cross-check settings.php file you have sent it has all rules disabled, So it does not firewall settings file issue.

Please define below constant in wp-config.php before wp-setting.php file included. it will disable all firewall rules.

define( 'AIOS_NO_FIREWALL', true);

If still it shows 403 forbidden error do you have a Login white list feature on please add below constant.

define( 'AIOS_DISABLE_LOGIN_WHITELIST', true );

Regards

Okay that gave access back, thanks!

4 days later same issue @hjogiupdraftplus

Hi @shaady4

Last time which solved the issue No firewall or disabled login white list ?

If you do not know above please try define one by one and cross check and let me know.

Please define below constant in wp-config.php before wp-setting.php file included. it will disable all firewall rules.

define( 'AIOS_NO_FIREWALL', true);

If still it shows 403 forbidden error do you have a Login white list feature on please add below constant.

define( 'AIOS_DISABLE_LOGIN_WHITELIST', true );

Regards

This 127.0.0.1 page can’t be found

No webpage was found for the web address: https://127.0.0.1/

HTTP ERROR 404

A locked database does not allow restoring the backup