Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Contributor mbrsolution


    Hi SickSquirrel, try the following URL.

    Deactivate WordPress Plugins without Logging Into WP Admin (Video Tutorial)

    Once you have deactivated the plugin, log back in and install it again or enable the plugin and configure the plugin again but test each option one by one. Some security options in the plugin might not work for you, simply don’t enable those security options.

    Let us know if that helps you.

    Kind regards

    Renamed the folder via FTP. Tried to login and I’m at

    Plugin Contributor mbrsolution


    Hi, check your .htaccess file and remove any code in between and including the following tags:

    # BEGIN All In One WP Security
    # END All In One WP Security

    Let me know if that helps you.

    Thank you

    Before I do .. Let me show you something

    RewriteEngine On
    RewriteCond %{REQUEST_URI} (wp-admin|wp-login)
    RewriteCond %{REQUEST_URI} !(wp-admin/admin-ajax.php
    RewriteCond %{HTTP_COOKIE} !aiowps_cookie_test= [NC]
    RewriteRule .* [L]
    <FilesMatch “^(wp-login\.php)”>
    Order Allow,Deny
    Allow from
    Allow from
    Allow from 1xx.xxx201.0/24. <–——— my IP
    Allow from

    It blocked me yet my IP is whitelisted. My IP is not blocked yet I’m still redirected.

    NOW I did what you said. I’m back I and redid my settings. But if I’m whitelisted, how does that nail me? Second time I believe this has happened.

    Plugin Contributor mbrsolution


    Hi SickSquirrel, is your IP address dynamic or static?

    It’s static

    Plugin Author wpsolutions


    The behaviour you are seeing is normal and you are being blocked by the Cookie-based Brute Force feature.

    The whitelist feature will not prevent you from being blocked by the Cookie-based Brute Force feature if you have not got the correct secret cookie in your browser.

    Plugin Contributor mbrsolution


    Hi @sicksquirrel, what @wpsolutions is saying is correct. If you read the following in the plugin settings. It explains exactly your symptom and thus why you were blocked.

    Attention: If in addition to enabling the white list feature, you also have the Cookie-Based Brute Force Login Prevention feature enabled, you will still need to use your secret word in the URL when trying to access your WordPress login page.

    These features are NOT functionally related. Having both of them enabled on your site means you are creating 2 layers of security.

    Let us know if you need more help.

    Kind regards

    Ok so as long as I use the secret word login I can get in. That secret word bypasses the block. And if I forget it, it’s right in htaccess.

    I’ve been sick for four days and not at my laptop. Tomorrow I should be able to get on it and view how to reset my secret word. I know I need different passwords on each site

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘’ is closed to new replies.