Too Many failed Login Attempts – Midst in Working (running)

is any of the plugins you are using has to do with limiting login attempts? If you do, see the setting of that plugin in your dashboard and change it your liking

But I don’t even log-in and I have another too many failed login attempts message. Now I have to wait another 20h.. Why is this happening? I didn’t even log in..!!!!! :(((

@phenomenae,

I believe you use the s2member plugin. I suspect you have set the Unique IP Restrictions feature.

What you need to do is use FTP to download the s2member folder from your server, and then delete that folder from your site.

Then login to your site. Now upload the folder you previously downloaded.
Then go to Restriction Options -> Unique IP Restrictions and turn it off.

Don’t ever turn it on again. It’s for circumstances where users will only be accessing your site from fixed locations (such as company premises).

Hello KTS915 thank you very much for your advice. I now deleted all the s2member files from the ftp – unfortunately I still can’t login (still have to wait 17h). Is this right? Then I will reinstall the files (hoping the setting aren’t gone..) Oh man…

If the logout was caused by s2Member, then deleting it from your server should mean you can get back in immediately.

So can you remember if you had set Unique IP Restrictions?

If you had Plugin Deletion Protections in s2Member set to Yes, the settings will be saved.

It’s possible that you are now experiencing a browser caching issue, which is remembering that you were locked out. Just in case, try accessing your site using a different browser that you haven’t used since being locked out.

Ok.. thank you.. But it’s definitely not because of the cache..
I’v deleted everything and even another browswer did not the job..
I can’t remember to have set this up.. I have also the plugin I-Themes Security in which I can remember to have set sth up on login attempts..
but it shouldn’t just kick me out and also not even having tried to login, telling me there were too many attempts.. I really don’t know..
I try tomorrow to login (hopin it would work) what would you do??

Ah, well, that’s your problem. You can’t run iThemes Security with s2Member because they are both trying to do the same thing in terms of security and you will get conflicts like this.

I would just delete iThemes Security plugin from your server using FTP, and then try logging in again.

And then? I need the security..? Don’t I??

All the security you need at the WordPress level is built into s2Member.

For the strongest security protection, you need to do it outside of WordPress. A good web host — typically, one providing a managed WordPress environment — is invaluable in providing such protection.

Ok.. yes thank you – I work with WP Engine.. I just settled over to them.. So you think I’ll be fine with S2Member and the probably best WP Host? Then I will delete IThemes Security..

Well, I personally wouldn’t call WP Engine the best, but it should certainly provide the level of protection you are looking for.

Dear KTS915, I now deleted S2Member as well as I Themes Security from my FTP – I hope I do not have to set everything from new first and secondly, it still is not possible to login to my page.. I have to wait those left 12hours.. Do you have any further information or advice?

Hmm, I think you have something else still at work then. What other plugins are you using?

What I would suggest, once you get back in, is that you install some good logging plugins, like Aryo, Simple History, and/or Plainview. That way, you’ll always have a record of what happened on the site (not just what you did) and when, which will help identify what the cause of any further problems might be.

Ok that sounds very good.. I’ll definitely try it out.. I don’t know what is causing it.. So you think then it is not S2Member nor IThemes?

Well, from what you’ve reported, I can’t say what caused the lockout in the first place.

I can say that, if you set Unique IP Restrictions in s2 and then logged in from several different locations, that would cause a lockout. I can also say that the combo of s2 and iThemes could cause a lockout. But I don’t know if this lockout was caused by either of those factors or by something else.

The reason I am not sure is that a lockout caused by Unique IP Restrictions in s2Member wouldn’t persist after you’re removed the plugin.

So the persistence of the lockout might suggest that iThemes behaves differently — I don’t know because I don’t use it — or it might be that there is another, continuing issue on your site.