Firewall locked me out of my site

I’ve gone ahead with release 4.10.1 since I don’t want others having similar problems with logins.

Please do try it out again and logging-in. The best way to do this is to open up another browser (e.g. Chrome, Firefox, IE, Opera) so you still retain your logged-in session in your main browser. If you see the transgression message and you’re sure you logged-in correctly, just turn of the IP Manager function and please report it.

Thank you for all your help and support to fix these teething problems – it’ll be worth it! Automated Black Lists are far cooler than manual ones! ??

Hi,
Updated, I was able to connect with the IP manager turned on ??
Thanks for your help
Best
B.

Great! Thanks so much for testing this. Now all that remains is to learn why sometimes login data is unreliable.

Thanks again for your feedback and help!

Woah thats insane. I was googling jsut now about this problem. Then I see a thread thats alive and just sent out and update for the plugin. The plugin is AMAZING but i cant rename my wp login after this update. even after updating permalinks

Can you open up a new thread? I’m going to “resolve” this one…

Not resolved for me!! Paul, I just activated the plugin and was automatically blacklisted/kicked out :-(. Please help!!

I wasn’t even able to change my settings. Activated and immediately blacklisted. Frustrating!

I did the forceOff through FTP which got me back in.

Now that the plugin is turned off, I unchecked the IP Manager feature. Should I try reactivating it now (fingers super crossed)?

Paul

Love the plugin. I would just like to add what info I have on the IP blacklist issue (You tripped the security plugin defenses a total of 5 times…). The site owner reported the problem to me. I went to check – I was locked out. Everyone was locked out. I did the forceOFF thing, left IP manager enabled but set the threshold down to zero (effectively disabling it). When I look at the blacklist, there is one IP address in it. Not mine, not the owners, but presumably an innocent user in Seattle. So e.g. my IP address is not in there but it reports me as being blacklisted. Seems that once anyone is blacklisted, then everybody is locked out. There is also a likely issue that the one person who was blacklisted should not have been. Sorry about the long story.

Cheers

Tom

Paul,

Addendum to ramble. Although I have already deleted it, when I checked the one IP address that was in the blacklist, it resolved to the website itself. Not the user who was accessing it.

Tom

Geez, seriously? The whacky Web hosting configurations out there are crazy. This explains why in your case why “everyone” is locked out because your web host is populating the visitor IP with its own public IP.

This means it always only ever has 1 visitor IP. You wouldn’t even be able to whitelist yourself or blacklist any one else.

I’ll have to find a way to detect this somehow, though I’m stumped as to how that could be possible.

Could you report this to your Web host and ask them why your PHP server variables wouldn’t be being populated with remote addresses correctly?

@slis could you look at the IP address reported by your server? It’ll be printed at the bottom of your wordpress admin pages. Is this IP on your black list, and is it perhaps your server’s own IP?

Hi Paul,

I never put an IP of any kind of my blacklist, and the IP address on the bottom of my WP page doesn’t match my server IP address. Any ideas as to why they wouldn’t match up?

Actually in my cpanel it only lists my home ip address. I don’t see a listing for my server address? I’m on shared hosting with Hostgator, FYI.

The Ips on your black list are automatic.. You can see them within the IP manager section. Your visitor ip address must be on that list – your particular address is the address displayed at the bottom of your wordpress admin pages