Support » Plugin: Limit Login Attempts Reloaded » Banned IP is 127.0.0.1

Viewing 4 replies - 1 through 4 (of 4 total)
  • This is happening to us as well. I can’t find much about it but somehow Limit Login Attempts is blocking localhost (127.0.0.1) instead of the attackers’ IP addresses. The result is that whenever someone enters bad credentials, everyone gets kicked out of their account and nobody can log in until the ban expires.

    Are you by chance using Cloudflare or WebARX? I’m wondering if it could be some kind of conflict.

    Edit: According to this thread, it may be a conflict with Cloudflare. I can’t find any good documentation about this though. Is there a way to fix this?

    Edit 2: I did some testing and it seems that you can whitelist 127.0.0.1 to prevent the lockouts, but that also prevents legitimate lockouts as well.

    • This reply was modified 1 year, 1 month ago by  pikamander2.
    • This reply was modified 1 year, 1 month ago by  pikamander2.
    Plugin Author 2by2host

    (@wpchefgadget)

    Hello guys,

    We’re working on this.

    [ Signature deleted ]

    • This reply was modified 1 year, 1 month ago by  Jan Dembowski.
    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Side note: Hi WPChef, Thanks for the great support but please lose the signature. That’s prohibited in these forums as it’s been horribly abused in the past by others.

    Regards,
    WPChef Team

    Yes, bad people ruin it for others. Please refrain from that.

    https://wordpress.org/support/guidelines/#avoid-signatures

    Plugin Author 2by2host

    (@wpchefgadget)

    Hello,

    Jan, got you, sounds good.

    Regarding the issue: it would be really helpful if one of you guys upload a php file on your server and paste a link to the file here. The content of the file should be this:

    <?php
    
    echo 'HTTP_X_FORWARDED_FOR = ' . $_SERVER['HTTP_X_FORWARDED_FOR'] . '<br>';
    echo 'HTTP_X_SUCURI_CLIENTIP = ' . $_SERVER['HTTP_X_SUCURI_CLIENTIP'] . '<br>';
    echo 'REMOTE_ADDR = ' . $_SERVER['REMOTE_ADDR'] . '<br>';

    It will help us to better understand what’s going on.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Banned IP is 127.0.0.1’ is closed to new replies.