Brute force locked me out of site

  • jpowelso

    (@jpowelso)


    9 years ago

    I use the plugins sucuri, wordfence, and bad behavior for protection. I have changed the settings for the time in which an IP stays blocked (increased the time to like 480) and also set the number of login attempts before they get blocked to 3. I am not behind a proxy, but our addresses at Nat’d behind a Palo Alto firewall. First attempt at logging in to wp-admin today I was blocked. I receive the email alert and now cannot access my site. I looked at .htaccess and my ip was listed, so I deleted, but I am still locked out. Is there a workaround so I can get back in? Also is it conflicting with one of my security plugins?

    https://www.ads-software.com/plugins/brute-force-login-protection/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter jpowelso

    (@jpowelso)

    I figured this out. Backup your .htaccess, then edit out all the brute force code from .htaccess and re-upload to server. You will then effectively break the plugin so you can get back in. Then add yourself to the whitelist and go back to ftp and put the backed up version of .htaccess back in place.

    Thread Starter jpowelso

    (@jpowelso)

    So which one of my plugins was this conflicting with, maybe bad behavior?

    Plugin Author Fresh-Media

    (@jan-paul-kleemans)

    Hi,

    Thanks for your post.

    When you remove your IP from the .htaccess file, you shouldn’t be still locked out. Could you send me a copy of the .htaccess file when your IP has been blocked? (to [email protected])

    Thanks.

    JP

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Brute force locked me out of site’ is closed to new replies.