Hi @akiraanastasia, thanks for reaching out. We’re happy to help!
You can use the wildcard method to whitelist your dynamic IP. For example, if you want to whitelist the range 64.233.160.0 to 64.233.191.255, you can use 64.233.160.* or 64.233.*.* depending on the IP range you want to cover.
However, let’s look at this from a different angle. Why are bad login attempts causing frequent lockouts to your account/IP? I’d suggest checking the Raw Details of the lockouts in Security > Logs.
If the lockouts are due to login with wrong credentials and it’s not you who made those attempts, your username might be compromised and the attackers use it to brute force their way to your site. In this case, I’d suggest creating a new admin user with a unique username, transferring all content, and deleting the old username.
If the lockouts are due to attacks on the xmlrpc.php file, you can restrict public access to it via Security > Settings > Advanced > WordPress Tweaks.
There’s also the possibility of your server IP address changing, and the plugin found the activity suspicious and banned it as a precaution. In this case, you can check with your host if there’s a recent change with the server IP and if that IP is added to the plugin’s ban list. It would also help to double-check the itsec_bans database table to ensure the server IP isn’t there. Then, add the server IP to the Authorized Hosts list.
If we can identify why you’re getting locked out, that would help us troubleshoot this problem.
Hope this helps, and let us know what you find!
