That’s odd and I have no idea why the machine itself would be getting listed as a banned ip. When you say this is locking you out, is this a local installation, where you are trying to log in from the same server that your site is hosted on?
-Michael
@michael – It’s a public installation. I have a variety of “unique” configs including a CDN, nginx and many plugins. It was listing the public IP of my actual server. I would remove the IP from the blocked IP list which would let me in, but then after a second or two, the IP address would magically reappear.
Honestly, I don’t know how long this has been going on…could be recently. (I know, I’m not providing much info for you to run with here.)
But one work-around would be to have a “white list” (similar to what I have seen in other similar plugins) where I could list the IP.
Thoughts?
I do plan on adding a whitelist but have not gotten that feature in yet. However, what it sounds like is something, perhaps one of the plugins, is trying to post to the site and is failing authentication. I would check the server apache logs and look for hits to your site from the server’s ip address and see if you notice anything unusal.
If you would like to manually whitelist the ip, you could wrap lines 442 through 447 with the following if statement:
if( "xxx.xxx.xxx.xxx" == $_SERVER['REMOTE_ADDR'] ) {
//lines 442 - 447 go here
}
Where “xxx.xxx.xxx.xxx” is the ip you are wanting to whitelist. You will still need to release the ip one more time, but that should prevent failed logins from that address from getting added to the database.
Please note though that if the reason this is happening is because some other hacked site on the same serveq as you is trying to brute force it’s way into your site that doing this would disable Login LockDown from keeping that from happening. I would definitely check your traffic logs looking for login attempts from that ip address before implementing this workaround, as this could be symptoms of a potential security issue.
Let me know if that works, and if you need further help implementing that code free to hit me up via email, it’s michael at endlesspoetry dot com.
-Michael
@michael – thanks for the detailed information. I will definitely take a look at the logs to see what is going no. Do note, my site is on a dedicated server so no noisy neighbors to worry about.
I’ll let you know what I find out if anything.
@hightechdad – I am going to mark this as resolved, since it doesn’t appear to be an issue with the plugin itself but rather something going on specific to your server. However, this won’t close the thread, so if you (or anyone else reading this) comes across any info suggesting otherwise then please comment so I can dig into it more.
-Michael
