Newbie: Simply Activating the Plugin Locks Me Out

  • I really want to get to know this plugin and use it regularly. However, I haven’t had too much time to look into it yet.

    A few days ago I installed it on my site, activated it, and went through the “one-click setup.” Today, I went to login to and was immediately informed that

    You have been locked out due to too many invalid login attempts.

    That kind of freaked me out, so I went back and clicked “forgot password” and changed it. Tried logging in using the new password and got the same error message. I was able to disable the plugin remotely using IWP, then was able to login. However, when I reenabled the plugin from within the admin, I was immediately locked out again. Am I doing something wrong, or is someone trying to hack my site? Thanks!

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi,

    It sounds like you’re under a brute force attack. You can get back in by removing your IP from the database in the itsec_lockouts table. If you’re still having problems you might want to create a new username and transfer all content to it.

    Thanks,

    Gerroald

    Thread Starter drokkon

    (@drokkon)

    Thanks. Sounds awful. It happened again yesterday. Do brute force attacks come and go, or…? Anything I can do about them?

    Odd, because I don’t use the typical “admin” username. My passwords are ultra-randomized too.

    Thread Starter drokkon

    (@drokkon)

    Now my sessions are timing out frequently. Is that a feature?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Newbie: Simply Activating the Plugin Locks Me Out’ is closed to new replies.