Support » Plugin: All-In-One Security (AIOS) – Security and Firewall » Blocked IPs Can’t Be Unblocked via Admin

Blocked IPs Can’t Be Unblocked via Admin

  • Resolved mattsaler

    (@mattsaler)


    6 years, 1 month ago

    One of my client sites experienced an issue today where one user on a corporate IP address used a mistyped username to log in.

    The Instantly Lockout Invalid Usernames setting immediately locked him out, as well as everyone else on that IP range who tried to log in. I was notified about the lockout and went in to unlock the IP range, but the mechanism didn’t work. The confirmation modal came up after I clicked “Unlock” on the row and a success message appeared on the page, but the list didn’t change.

    Another user tried the Unlock button from the login screen, but the url didn’t work.

    I tested a few things on the staging version of the site and experienced the same issues. Turning off Login Lockdown entirely didn’t fix the issue. Neither did turning off all security settings through the dashboard. Disabling the plugin worked, but was not an option. The issue still presented itself when I re-enabled the plugin.

    I ended up having to delete the relevant row from the lockdown database table. I have now disabled the Lockdown feature, but I would like to have it back and functional again. We are up to date with the latest version of the plugin.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    6 years, 1 month ago

    Hi, I just carried out a test on one of my testing sites.

    I enabled the same features you mentioned above. I carried out the following steps.

    1. I purposely locked one of my users with x IP address by typing in the wrong user name.
    2. Then I received the message saying that the IP address was locked out.
    3. I then checked the following WP Security -> Dashboard -> Locked IP Addresses to verify if the IP address was added and it was.
    4. Then I clicked on the unlock button. The user received an e-mail address with a link to unlock the account.
    5. I then clicked on the link and it opened up in the browser to allow the user to log back in.
    6. I was able to log back in using the correct username and password. All this happened while I was logged in in another browser.
    7. I then checked the following WP Security -> Dashboard -> Locked IP Addresses. The IP address was not listed any more.

    This worked for me without any issues.

    My question is as follow. Do you have more than one security plugin installed in your site? Do you have a multisite set up in place?

    Plugin Contributor wpsolutions

    (@wpsolutions)

    6 years, 1 month ago

    Hi @mattsaler,
    That’s very odd.
    I will do some tests on my test site to see if I can reproduce what you are seeing. Will keep you posted.

    In addition to the checks mbrsolution has outlined, you should also check your server’s PHP error log file to see if there are any logs pertaining to this issue.

    • This reply was modified 6 years, 1 month ago by wpsolutions.
    • This reply was modified 6 years, 1 month ago by wpsolutions.
    Plugin Contributor wpsolutions

    (@wpsolutions)

    6 years, 1 month ago

    Hi again,
    I performed numerous tests and everytime I was able to unlock an IP address successfully from the “Locked IP Addresses” tab in the Dashboard menu.

    I think that this problem is something which may be unique to your site – possibly a conflict somewhere??
    Perhaps after you check your server PHP logs (as mentioned in the previous reply) you might get a better idea of what the cause is.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Blocked IPs Can’t Be Unblocked via Admin’ is closed to new replies.

Views