WordPress.org

Ready to get started?Download WordPress

Forums

Limit Login Attempts
[resolved] Log Out Lock Out [Major Bug?] (15 posts)

  1. Howdy_McGee
    Member
    Posted 2 months ago #

    Every time I log out of my WordPress website(s) it counts against me as a failed login attempt. Not sure if this is a known bug or if this Plugin is even still being worked on but it seems to be happening on all my WP installs.

    https://wordpress.org/plugins/limit-login-attempts/

  2. Howdy_McGee
    Member
    Posted 2 months ago #

    It looks like this problem only occurs with a Captcha (http://wordpress.org/support/plugin/captcha) plugin installed, which usually works well with Limit Login Attempts.

    So Limit Login Attempts + Captcha == Logout Lockout

    I'll submit this issue on the Captcha support forums, not sure if the developer can work around this in future versions or not.

    Captcha Plugin Link

    Captcha Plugin Support Link

  3. La Foret a Coeur
    Member
    Posted 2 months ago #

    Thanks! That's my problem!

  4. thisflourishinglife
    Member
    Posted 2 months ago #

    I'm having the same issue and use both of those plugins.

  5. MickeyRoush
    Member
    Posted 2 months ago #

  6. Howdy_McGee
    Member
    Posted 2 months ago #

    I feel like adding a entire plugin just for this small problem is a bit much, thanks though.

  7. piouseye
    Member
    Posted 2 months ago #

    I have the same problem, but appear to be using a different Captcha plugin than Howdy_McGee. This seems like a problem the Limit Login Attempts developer should be able to fix, not something every Captcha provider should have to work around.

  8. piouseye
    Member
    Posted 2 months ago #

    My mistake; I was using the same Captcha plugin. I note that I had these two plugins running together for some time with no problems. Presumably a recent update to one of them (or perhaps to WordPress?) broke something.

  9. piouseye
    Member
    Posted 2 months ago #

    Followup. I tried deactivating Captcha and keeping Limit Login Attempts running. My "tries remaining" continued to count down. I think this means Limit Login Attempts alone is the problem, not the combination of Limit Login Attempts and Captcha. I look forward to hearing that this has been fixed or that someone else in the forum has found a good replacement plugin.

  10. bestfrenchmortgage
    Member
    Posted 2 months ago #

    Hi all, I have had exactly this problem on three sites with Captcha 3.9.5 installed alongside Limit Login Attempts 1.7.1.

    Diasbling Limit Login Attempts via ftp then logging on and deactivating then deleting Captcha from the WP control panel before logging off WP and re-enabling Limit Login Attempts via ftp appears to clear the problem.

    Poiuseye, reading your post suggested to me that your continuing problem may be related to the system current state and the process steps you used to deactivate Captcha and that Limit Login Attempts is reading a transient variable. I'd be interested to know if the process I used solves your problem.

    As an aside we have been suffering low level bot hacking attempts for a while (20-40 per 24 hours) and from the logs it seems as though Captcha is not effective either because the bots are bypassing it or a brute force algorithim is able to fake the Captcha answer but I can find no evidence that Captch is helping with this issue.

  11. Howdy_McGee
    Member
    Posted 2 months ago #

    Good News! Looks like Captcha has fixed this problem with V3.9.6 (of Captcha) - 12.02.2014

    If you haven't updated yet, go ahead and update and it seems to have fixed the problem.

  12. bestfrenchmortgage
    Member
    Posted 2 months ago #

    Not all good news. I've just installed 3.9.6 of CAPTCHA and on my sites it does not solve the problem - I'm back to being logged out again.

    So on my server configuration the fix doesn't seem to work

  13. Howdy_McGee
    Member
    Posted 2 months ago #

    I do not have this problem anymore, when I log out it does not count against me or lock me out.

  14. piouseye
    Member
    Posted 2 months ago #

    Hi, bestfrenchmortgage.

    Before reading your procedure, and believing my test proved that Limited Login Attempts (LLA) was the problem, I switched from LLA to a compatible plugin that also permits limiting login attempts, then reactivated Captcha. The plugin I switched to is Wordfence. If you try it, be aware of this issue, which gave me some problems.

    Anyway, Captcha's people now appear to accept that Captcha was the cause, but say that the problem has been fixed.

  15. bestfrenchmortgage
    Member
    Posted 2 months ago #

    Hi Guys, let me add an update to this post and then transfer to the CAPTCHA support page

    I logged in to one of the affected sites via a remote IP, cleared all LLA lockouts and deactivated and de-installed CAPTCHA (3.9.6). (LLA v 1.7.1)

    I then logged back in to the site from the usual IP without any problem, so LLA was working fine.

    I then re-installed CAPTCHA 3.9.6, activated it then logged out.

    I then tried to log back in from the usual IP and again LLA showed that it had decremented the number of remaining login attempts by 1.

    I completed the login (I had LLA tries remaining) and deactivated and deinstalled CAPTCHA and logged out.

    On trying to log back in without CAPTCHA enabled LLA did not further decrement the number of remaining login attempts.

    So, unless there is some other strange issue with the loaded plugin selection or the server platform configuration, the evidence points to CAPTCHA 3.9.6 being the issue - even after the bug fix.

    It does seem to confirm that the problem is not with LLA

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.