Support » Plugin: All-In-One Security (AIOS) – Security and Firewall » 403 at on login page after update

  • Resolved Natalia

    (@nataliaszw)


    Good day!

    We can’t log into the site on wordpress. The login page pops up a 403 error. I guess it has sth to do with the changes in whitelisting.

    We removed AIOWPS entries in htacces, but that was not enough. So we removed the plugin from the hosting and at that point logging into the wordpress panel was possible.

    But after adding it again and activating it, it immediately popped up a 403. Is there any way to make it work?

    Thanks!

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Contributor Prashant Baldha

    (@pmbaldha)

    Please accept my apologies for your inconvenience.

    Can you define the below code line in the wp-config.php and then try again?

    
    define('AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION', true);
    define('AIOS_DISABLE_LOGIN_WHITELIST', true);
    

    Let me know what will happen on your end.

    Thread Starter Natalia

    (@nataliaszw)

    Hi.
    Thank you! Now, I can log-in. Is there anything else that should be done?

    Plugin Contributor Prashant Baldha

    (@pmbaldha)

    @nataliaszw

    Can you please remove the below code line and able to login?

    
    define('AIOS_DISABLE_LOGIN_WHITELIST', true);
    
    Thread Starter Natalia

    (@nataliaszw)

    Thanks.

    After removing this line, a 403 error appeared and I cannot log in.

    Thread Starter Natalia

    (@nataliaszw)

    @pmbaldha

    Hi. What next should I do? I cant login after removing the line you asked. Thank you!

    Plugin Contributor Prashant Baldha

    (@pmbaldha)

    It looks like the login whitelist is not disabled automatically on the upgrade of the AIOS plugin.

    Before the AIOS 5.0.9 version, the login whitelist was not working on all non-apache servers and a few specially configured apache servers because It was implemented based on HTACCESS rules. You may be enabled the login whitelist feature in the AIOS version older than 5.0.9 version. The login whitelist feature has begun working from AIOS 5.0.9 version because we have implemented the logic in the PHP code instead of HTACCESS rules. Same time, we have disabled all enabled login whitelisting and shown notice on upgrade.

    Please re-add the below code line in the wp-config.php file:

    
    define('AIOS_DISABLE_LOGIN_WHITELIST', true);
    

    Then log in to admin dashboard, Go to Admin Dashboard > WP Security > Brute force > Login whitelist, untick the “Enable IP whitelisting” checkbox and save settings.

    Then you can remove both newly added code lines from wp-config.php file and you will login without any hesitation in the future.

    Thread Starter Natalia

    (@nataliaszw)

    @pmbaldha

    Thank you. All works fine 🙂

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘403 at on login page after update’ is closed to new replies.