Had to disable plugin due to total lock out

  • Resolved frustrated999

    (@frustrated999)


    7 years, 11 months ago

    I just updated to the 3.0.0 version of the plugin and right away kept seeing

    “Sorry, your request cannot be accepted.”

    I first thought it was my hosting company but discovered that it was this plugin that was causing the issue. I was able to sftp in and edit the php file in the plugin and regain access to the site. As soon as I restored the php file back to pre edit of the ip_geo_block_emergency I was again locked out of the site.

    Using WordFence as well as iThemes Security both of which are current.

Viewing 7 replies - 16 through 22 (of 22 total)
  • Thread Starter frustrated999

    (@frustrated999)

    Sorry about not responding but the sites have been fine since you made the changes and I login to them several times a week and had no issues with being locked out.

    Quiet frankly I can not be certain that issue is not the same as before. It occurred at the same point of logging into the system, the login screen which uses a 2 Factor Authentication plugin which generates a screen that has the userid, password AND the 2 factor authentication code. In this case instead of me typing the authentication code into the 3rd field I mistakenly entered the 6 digit code on to the end of the username and hit enter.

    It was then then when I seen the “Sorry, your request cannot be accepted.”. Tried several times even going to the URL in a new tab and still could not login.

    I have not tried the process again aka entering the 2FA code on the end of the userid to see if get locked out again. I can try that if you want me to.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @frustrated999,

    the sites have been fine since you made the changes and I login to them several times a week and had no issues with being locked out.

    That’s a good news! And thank you for the detail about your situation.

    I have not tried the process again aka entering the 2FA code on the end of the userid to see if get locked out again. I can try that if you want me to.

    I’ll try 2FA by myself to see if there’s some conflict or not.

    Although once I close this topic, please feel free to open a new one if you have the same issue or others. I’ll do my best to improve this plugin ??

    Thanks.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Additional info: Please consider to select “Disable” as “Max number of failed login attempts per IP address” at “Validation rule settings”. This can avoid the conflict with other plugin such as “limit login attempts”.

    Thanks.

    Thread Starter frustrated999

    (@frustrated999)

    That option was set to 1 not much wonder I got locked out after that mistake I made. For now I boosted that number up a bit.

    This is the 2FA plugin being used https://www.ads-software.com/plugins/google-authenticator/

    • This reply was modified 7 years, 8 months ago by frustrated999.
    Plugin Author tokkonopapa

    (@tokkonopapa)

    Hi @frustrated999,

    Thank you for information about 2FA. I’ll check it!

    Thread Starter frustrated999

    (@frustrated999)

    I think that my bone head move of limiting failed logins to 1 on that affected website was the whole issue that caused the lock out. There is probably nothing wrong with your plugin. Sorry about the hassle.

    Plugin Author tokkonopapa

    (@tokkonopapa)

    Thank you for your kind following up. There is not a person who has never failed :p

Viewing 7 replies - 16 through 22 (of 22 total)
  • The topic ‘Had to disable plugin due to total lock out’ is closed to new replies.