Viewing 3 replies - 1 through 3 (of 3 total)
  • Hello,
    I just find out a form for reporting bugs and so i have reported this bug with “Lockout White List” feature not working properly in version 4.2.6 of iTheme Security. We have to wait the next update.
    As you can see, if you put your IP in “Lockout White List” field and validate, If you go to “Brute Force Protection” you have this:
    • Is this computer white-listed: no.

    The problem is that it no longer blacklists IP addresses automatically. This just slows down a brute force attempt instead of blocking offending IP addresses and stopping them. Very counter-productive.

    I also find the ‘timeout’ to be counter productive, if I go to work on something else, come back and timed out log in screen is there I have to log back in, by then I’m locked out to the the constant attacks.

    The bots are using the usernames now and not simply ‘admin’, is there any workarounds for these issues? I’m spending more time unlocking myself than I am working.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Lockouts: IP/host vs User accounts’ is closed to new replies.