Support » Plugin: Limit Login Attempts Reloaded » 127.0.0.1 getting locked out

  • Resolved Jon Schroeder

    (@jonschr)


    On a number of sites (generally those which are on CloudWays and which use Cloudflare as a registrar), I’m seeing a strange behavior. The plugin is detecting *every* login attempt as coming from 127.0.0.1 and therefore keeps locking me out of the site.

    I’ve tried uploading a file that you’d recommended for diagnosing a similar issue:

    <?php
    
    echo 'HTTP_X_FORWARDED_FOR = ' . $_SERVER['HTTP_X_FORWARDED_FOR'] . '<br>';
    echo 'HTTP_X_SUCURI_CLIENTIP = ' . $_SERVER['HTTP_X_SUCURI_CLIENTIP'] . '<br>';
    echo 'REMOTE_ADDR = ' . $_SERVER['REMOTE_ADDR'] . '<br>';

    You can see the results of that here:
    https://elod.in/limitloginattemptsreloadedtest.php

    I’ve tried using a few different settings for the “Trusted IP Origins,” but didn’t have any luck getting a different behavior.

    If you could take a look, that would be great!

    The page I need help with: [log in to see the link]

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author WPChef

    (@wpchefgadget)

    Hi Jon,

    Please update the plugin and copy/paste here the information from the Debug tab on its settings page.

    Thread Starter Jon Schroeder

    (@jonschr)

    Sure! Here you go:

    REMOTE_ADDR = 127.0.0.1
    HTTP_X_FORWARDED_FOR = IP1
    HTTP_X_REAL_IP = IP1
    Thread Starter Jon Schroeder

    (@jonschr)

    I’m wrong, BTW. It’s not every attempt coming from 127.0.0.1. There are others that it’s catching as well. Screenshot: https://snipboard.io/uEVCLx.jpg

    I should probably also tell you that the hosting here is CloudWays (Digital Ocean), and this particular site happens to use Cloudflare, though not all of the sites affected use Cloudflare.

    Plugin Author WPChef

    (@wpchefgadget)

    It looks like the site doesn’t use Cloudflare. It uses Nginx. Using HTTP_X_REAL_IP as a Trusted IP Origin should fix your problem.

    Thread Starter Jon Schroeder

    (@jonschr)

    I’ll try that and follow up. Thanks so much!

    Thread Starter Jon Schroeder

    (@jonschr)

    This appears to have worked! Thanks again.

    Plugin Author WPChef

    (@wpchefgadget)

    You are welcome!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘127.0.0.1 getting locked out’ is closed to new replies.