user blocked

  • Resolved galhad

    (@galhad)


    4 years, 3 months ago

    Hey,
    For some reason only in one website most of the users get blocked when they click the wp-admin link (I tried it on my phone and I got blocked instantly)
    The reason I see in the wordfence blocking dashboard is “Used an invalid username ‘[login]’ to try to sign in”
    I have this option ON Immediately lock out invalid usernames
    How can I stop it from happening?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support WFAdam

    (@wfadam)

    Hello @galhad and thanks for reaching out!

    If you disable this option, does this issue go away? You should only see a block if a user puts in an incorrect username. How is the link setup? Does the link simply just send you to the wp-admin page or is it set up differently? Sometimes I have seen a cache plugin cause issues like this.

    Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    Let me know what you find or if you send a diagnostic!

    Thanks!

    Thread Starter galhad

    (@galhad)

    H?? @wfadam
    Thanks for your replay,
    I found out that the problem is that there is some king of redirection from wp-admin to wp-login and then I see in Top 5 Failed Logins login as username.
    When I deactivate wordfence I don’t get this redirection.

    Plugin Support WFAdam

    (@wfadam)

    Hello @galhad

    I see you have the redirect plugin. If you disable this plugin, does the issue still occur?

    Let me know if this helps!

    Thanks!

    Plugin Support WFAdam

    (@wfadam)

    @galhad

    To double-check your IP detection is correct, first, check the following site and take note of your IP: https://www.whatsmyip.org

    Then, head over to your site and go to Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs and reference the area under that section that says Detected IPs and Your IP with this setting. Start from the top and check to see if any of the settings show that both of those show the same IP as the site above does. Most likely you will need to select “Use the Cloudflare “CF-Connecting-IP” HTTP header to get a visitor IP. Only use if you’re using Cloudflare.” since you’re using Cloudflare.

    Then if you could remove [login] from the list of usernames to immediately block.

    After all these settings are correct, save the settings and test. See if login is successful!

    Also, the redirect is normal for wp-admin to wp-login when Wordfence is enabled. After you successfully log in, it will redirect you back to the wp-admin.

    Let me know if this helps!

    Thanks!

    Thread Starter galhad

    (@galhad)

    @wfadam
    Hey,
    The problem stops only when I disable wordfence.
    When I disable the redirection plugin I still have the problem.

    I changed the option to cloudflare way – this was the only one that gave the same IP.

    It’s worked now for me, I will reopen an issue if some of the user will have the problem again

    Thank you very much!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘user blocked’ is closed to new replies.