WordPress.org

Ready to get started?Download WordPress

Forums

All In One WP Security & Firewall
[resolved] Where are locked-out IPs? (5 posts)

  1. AKCarlow
    Member
    Posted 5 months ago #

    Using the All-in-One Security plugin v2.9.
    In WP Security/User Login I see (currently) three locked-out IP address /24 ranges. If I use WP Security/Settings to look at the current .htaccess file I don't see those IPs. Where are they stored?
    Thanks

    http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

  2. wpsolutions
    Member
    Plugin Author

    Posted 5 months ago #

    The lockout feature doesn't use .htaccess file. It stores entries in the DB and checks against these when a login attempt occurs.

  3. AKCarlow
    Member
    Posted 5 months ago #

    Ahh. So removing the .htaccess file won't help me if I've locked myself out. Again :(

  4. mra13
    Member
    Plugin Author

    Posted 5 months ago #

    Any reason why you (the admin of the site) are entering wrong login details multiple times? The plguin is basically doing exactly what you are telling you to do. So if you can't remember the password then don't use this feature.

  5. AKCarlow
    Member
    Posted 5 months ago #

    Because I followed the advice, and changed from admin, and occasionally forget, use admin and get immediately locked out. Or because someone using the same ISP, and so the same (or close) external IP address, regularly forgets their (non-admin level) password, and causes lockout for the /24 block that includes me.

    The feature is sufficiently useful (it fires 40-50 times a day for our small site, mostly with real baddies) that I can put up with the pain of the 6-hour lockout that I have set.

    If really stuck, I could edit the database - if I could remember the prefix I changed to from wp_! (Only joking, I have a note of it.)

Reply

You must log in to post.

About this Plugin

About this Topic