[Plugin: Better WP Security] Site Lockout Events despite Blocked IP

Same here. IP is Banned, still getting the events. AND all my users (including wp admin) are unable to login after the latest version is updated.

Can you all please check your .htaccess and verify that these IPs are making it there?

Yes, the thought did occur to me that the .htaccess wasn’t being updated, but in my case it was. I’m still uncertain why the ip isn’t being properly blocked…

Any update on this? Same thing is happening to me. htaccess file is being updated but keep getting site lockout notifications… I’m using a CDN … not sure if that’s affecting it.

My assumption is that these hackers aren’t logging in via the blog interface but instead through some automatic code which bypasses the IP block… but this is just a guess.

Same.. My IP’s show up in the Dashboard tab’s ‘Rewrite Rules’ towards the bottom but they are not being written to the actual htaccess file. Has there been any solutions here? Thanks!

I have similar issue.
I haven’t banned anyone manually, but BWS did so for an IP address after it had too many 404’s, so it locked it out permanently.
Still, the attacker continued on, making more 404’s, which run the 404’s detection process all over again and for each pass, so I get both many notification emails and practically the permanent lockout is not working.

Also, the log page shows a long matching list at the “all lockouts” box, but on top of the page, in the box of “clean database”, there is a line of “Your database contains 0 old lockouts.” but it should not show “0” (zero) but the number of records of “all lockouts”.
Still, checking its check box and clicking “remove data” removes the current “all lockouts” records, so this works well.

Same here

I’m having the same issue as bobair as well. Banned IP addresses are being added to my htaccess file, but I am getting site lockout notifications for the same IP addresses.