WINPH COM Login Register.Claim Your Free 999 Pesos Bonus Today

doyuk
(@doyuk)

5 years ago

Hi,
Some users receive this error message even though they haven’t attempted member login on my website.
What should I do to fix the problem?

https://doyuk.com/itsec_lockouts.jpg
https://doyuk.com/you-have-been-locked-out-1.png
https://doyuk.com/you-have-been-locked-out-2.jpg

best regards
Tahir

The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)

nlpro
(@nlpro)

5 years ago
First you have to make sure the plugin is using the right method for determining the client IP address.

Goto the plugin Settings page. Click on the Configure Settings button of the Global Settings module. Scroll down to the Proxy Detection setting.

What is the current value selected for this setting ?
Is the IP displayed for “Detected IP:” correct ?

Based on the data from the first screenshot it seems the (host/IP) lockouts are occurring because of too many 404’s. You could simply disable the 404 Detection module or navigate to the plugin Logs page and filter for all 404 Detection Notices. The Description column will show you the URL(s) that result in a 404. Then simply fix the 404’s. Fixing the 404s in your site will allow you to keep the 404 Detection module enabled while not locking out non malicious IP’s.

To prevent any confusion, I’m not iThemes.
- This reply was modified 5 years ago by nlpro.
Thread Starter doyuk
(@doyuk)

5 years ago

My Proxy Detection setting
https://monosnap.com/file/eSYKZoHPxlhC00EVONK2ukzVNteKtS
https://monosnap.com/file/AJ4xviAneBJtjhJNMpUY7Zuy3TvF6T

How should the Proxy Detection setting be?

I turned off 404 Detection feature.
https://monosnap.com/file/8R1uwNkmgQL4EsbyYexT75MjGKv0vn

Thank you for your support.
best regards
Tahir

nlpro
(@nlpro)

5 years ago

Your Proxy Detection setting seems to be fine.

Do note that you are currently allowing iThemes to harvest a minimum amount of information about your site which is required to properly (auto) configure this setting.

If you don’t feel comfortable with that (for privacy reasons) you could opt to set the Proxy Detection value to Manual.
This will result in an extra setting being displayed: Proxy Header
And since your site seems to be on CloudFlare you should select Cf-Connecting-IP.

Most people simply don’t know what this setting (which is important for proper functioning of the iTSec plugin) is about. Choosing the Security Check Scan value is like saying: I have no idea what to select for my site so I’ll let iThemes figure it out for me ??
A big advantage is that in case you decide to stop using CloudFlare for the site the setting will auto detect this and reconfigure accordingly ! So that’s why it’s the recommended value for this setting.

With the Manual value (after a change to your site configuration) YOU need to manually reconfigure this setting accordingly.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘YOU HAVE BEEN LOCKED OUT.’ is closed to new replies.