I would like to second this issue. I haven’t banned a complete range of IP’s but today two different IP’s which are listed in the “Ban Hosts” section were locked out due to too many login attempts and I receieve the standard email about it.
The box “Enable banned users” is checked and I’m 100% sure that the IP’s match.
– What do you think is wrong?
I should probably say that I use Better WP Security 3.4.4 and WordPress 3.4.2.
MonkeyKong are the IPs in question in your .htaccess file? (have they written to it successfully)
Yes, they are in there. It looks like this:
# End HackRepair.com Blacklist
Order allow,deny
Allow from all
Deny from 195.190.13.158
Deny from 195.67.40.14
Deny from 125.255.84.98
Deny from 110.142.78.177
Deny from 80.36.14.23
Deny from 80.33.195.34
Deny from 80.25.95.249
Deny from 79.148.238.85
Deny from 78.7.77.234
Deny from 74.62.205.194
Deny from 70.88.16.189
# END Better WP Security
And just yesterday I got the message saying A host, 74.62.205.194(you can check the host at http://ip-adress.com/ip_tracer/74.62.205.194) has been locked out of the WordPress site at http://chromatic.se until Tuesday, October 2nd, 2012 at 7:39:26 pm UTC due to too many login attempts.
Thank you for looking in to this so quickly!
MonkeyKong,
After being under attack recently I learned a lot today and just installed this plugin and only a couple of hours later noticed several new login attempts for user ‘admin’. I recognize several of the IP addresses you mentioned, must be some big attack going on. I have not encountered the bug yet but I’ll keep a very close eye on it and will post here if I do.
Thanks for looking in to this Bit51!
Hi ExtremeNL, it’s a fantastic plugin! I just hope to keep those banned IP’s away for good!
my site was attacked a thousand times before this plugin, now everything is under control. thanks for this rock-solid security plugin.
Today I got
A host, 80.33.195.34(you can check the host at http://ip-adress.com/ip_tracer/80.33.195.34) has been locked out of the WordPress site at http://chromatic.se until Wednesday, October 10th, 2012 at 4:24:07 am UTC due to too many login attempts.
even though it’s on the list, as you can see.
Any ideas on how to solve this?