All In One WP Security blocks the first attempt to log into the admin panel. .

  • Resolved vaka2vaka

    (@vaka2vaka)


    4 years, 11 months ago

    After update 5.2, the plugin: All In One WP Security blocks the first attempt to log into the admin panel. . When you re-enter the box – everything is fine. When you disable All In One WP Security, the problem disappears.
    When adding “? Loggedout = true” to the end of the address page, the problem disappears.
    It seems it is connected with the substitution of the entry address.
    Tested on five sites
    The problem appeared after the wordpress 5.2 update.

    At the first unsuccessful login to the admin panel, errors – Wrong authorization attempts – does not appear

    https://ibb.co/RT5kZyS

    • This topic was modified 4 years, 11 months ago by vaka2vaka.
    • This topic was modified 4 years, 11 months ago by vaka2vaka.
    • This topic was modified 4 years, 11 months ago by vaka2vaka.
    • This topic was modified 4 years, 11 months ago by vaka2vaka.
    • This topic was modified 4 years, 11 months ago by vaka2vaka.
Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    4 years, 11 months ago

    Hi, I just carried out a test in my dev site and I was able to log out and then log back in after I updated the site to WordPress 5.2.

    Have you done a plugin, theme conflict test? For example: Deactivate all of your other plugins then carry out a test.

    Let me know how you go.

    Kind regards

    Thread Starter vaka2vaka

    (@vaka2vaka)

    4 years, 11 months ago

    I deactivated all plugins. Installed the Twenty Seventeen theme.
    The problem remains.
    As soon as I remove – Protection against brute-force attacks – and replace the login page \Enable the option to rename the login page/ – the problem disappears.
    Checked on five sites.

    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    Plugin Contributor mbrsolution

    (@mbrsolution)

    4 years, 11 months ago

    Hi,

    So what you are saying is that the issue is related to Enable Rename Login Page Feature: feature under Brute Force. Is this correct? If it is what is your permalink structure set too in your site?

    Regards

    Thread Starter vaka2vaka

    (@vaka2vaka)

    4 years, 11 months ago

    Yes it is.
    Link /% category% /% postname%

    In the fasting post, I was wrong. The exact description of here

    Once again I will clarify – https: //*******.com/*****/ – problem
    Login for example https: //*******.com/******/? loggedout = true – without errors

    Sites worked for about three years. Everything was great. The problem arose only now after update 5.2.
    Tested on different devices and browsers.

    The problem is not critical. Just at the entrance there is a warning at once, as in the screenshot. https://ibb.co/RT5kZyS
    The warning appears immediately after opening the login page.

    ERROR: You have not entered a username.
    ERROR: You did not enter a password.

    Entering the page is perceived as an attempt to enter the admin panel

    After entering the login and password – everything works.

    I have a test site, I can provide access

    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    Thread Starter vaka2vaka

    (@vaka2vaka)

    4 years, 11 months ago

    log files

    my ip.***.***.*** – – [08/May/2019:10:31:38 +0300] “GET /*** HTTP/1.0” 200 1778
    my ip.***.***.*** – – [08/May/2019:10:31:40 +0300] “POST /*** / HTTP/1.0” 302 20
    my ip.***.***.*** – – [08/May/2019:10:31:40 +0300] “GET /wp-admin/ HTTP/1.0” 200 28388

    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    Plugin Contributor mbrsolution

    (@mbrsolution)

    4 years, 11 months ago

    Hi, thank you for reporting back. The plugin developer is currently investigating this issue.

    Kind regards

    Plugin Contributor mbrsolution

    (@mbrsolution)

    4 years, 11 months ago

    Hi, can you test the latest version. Let us know if your issue is resolved.

    Thank you

    Thread Starter vaka2vaka

    (@vaka2vaka)

    4 years, 11 months ago

    Hi, Version: 4.3.9.1- issue is resolved.
    Thank you

    • This reply was modified 4 years, 11 months ago by vaka2vaka.
    Plugin Contributor mbrsolution

    (@mbrsolution)

    4 years, 11 months ago

    Hi, thank you for reporting back and lettings us know the patch works πŸ™‚

    Enjoy the plugin.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘All In One WP Security blocks the first attempt to log into the admin panel. .’ is closed to new replies.