Hi SickSquirrel, try the following URL.
http://www.tipsandtricks-hq.com/deactivate-wordpress-plugins-without-logging-into-wp-admin-video-tutorial-4375
Once you have deactivated the plugin, log back in and install it again or enable the plugin and configure the plugin again but test each option one by one. Some security options in the plugin might not work for you, simply don’t enable those security options.
Let us know if that helps you.
Kind regards
Renamed the folder via FTP. Tried to login and I’m at 127.0.0.1.
Hi, check your .htaccess file and remove any code in between and including the following tags:
# BEGIN All In One WP Security
# END All In One WP Security
Let me know if that helps you.
Thank you
Before I do .. Let me show you something
#AIOWPS_ENABLE_BRUTE_FORCE_PREVENTION_START
RewriteEngine On
RewriteCond %{REQUEST_URI} (wp-admin|wp-login)
RewriteCond %{REQUEST_URI} !(wp-admin/admin-ajax.php
RewriteCond %{HTTP_COOKIE} !aiowps_cookie_test= [NC]
RewriteRule .* http://127.0.0.1 [L]
#AIOWPS_ENABLE_BRUTE_FORCE_PREVENTION_END
#AIOWPS_LOGIN_WHITELIST_START
<FilesMatch “^(wp-login\.php)”>
Order Allow,Deny
Allow from http://www.xxxxxx.com
Allow from zzz.xxx.xxx.xxx
Allow from 1xx.xxx201.0/24. <–——— my IP
Allow from 1x.xxx.1.0/24
It blocked me yet my IP is whitelisted. My IP is not blocked yet I’m still redirected.
NOW I did what you said. I’m back I and redid my settings. But if I’m whitelisted, how does that nail me? Second time I believe this has happened.
Hi SickSquirrel, is your IP address dynamic or static?
The behaviour you are seeing is normal and you are being blocked by the Cookie-based Brute Force feature.
The whitelist feature will not prevent you from being blocked by the Cookie-based Brute Force feature if you have not got the correct secret cookie in your browser.
Hi @sicksquirrel, what @wpsolutions is saying is correct. If you read the following in the plugin settings. It explains exactly your symptom and thus why you were blocked.
Attention: If in addition to enabling the white list feature, you also have the Cookie-Based Brute Force Login Prevention feature enabled, you will still need to use your secret word in the URL when trying to access your WordPress login page.
These features are NOT functionally related. Having both of them enabled on your site means you are creating 2 layers of security.
Let us know if you need more help.
Kind regards
Ok so as long as I use the secret word login I can get in. That secret word bypasses the block. And if I forget it, it’s right in htaccess.
I’ve been sick for four days and not at my laptop. Tomorrow I should be able to get on it and view how to reset my secret word. I know I need different passwords on each site