Banning Server IP | WordPress.org

indigokj
(@indigokj)

9 years, 11 months ago

We have iThemes Security running on several sites and have had a reoccurring problem: We get site lockout notifications:

A host, [our server IP], has been locked out of the WordPress site at http://www.website.com due to too many attempts to access a file that does not exist.

or:

A host, [our server IP], and a user, admin, have been locked out of the WordPress site at http://www.website.com due to user tried to login as “admin.”.

In WordFence you can specify how WordFence gets IPs; we use the options that says, “Use the X-Real-IP HTTP Header”. This way offending IP addresses are correctly identified. How can I do this in iThemes Security?

https://wordpress.org/plugins/better-wp-security/

Viewing 1 replies (of 1 total)

dwinden
(@dwinden)

9 years, 11 months ago

@indigokj

This is done automatically in the iTSec plugin.

The only thing you can do is override the default IP detection behavior which is NOT what you want.

If the Override Proxy Detection setting in the Global Settings is currently ticked UNtick it.

dwinden

Viewing 1 replies (of 1 total)

The topic ‘Banning Server IP’ is closed to new replies.

1 reply
2 participants
Last reply from: dwinden
Last activity: 9 years, 11 months ago
Status: not resolved