Sorry to hear about the trouble you’re having. We’re here to help, however we can.
Whenever you or your users are getting blocked by Shield, best is to review your audit trail. It’ll tell you what exactly have happened, and you’ll know the possible reason of the block. Then, you can resolve the problem easily.
This is how to use audit trail:
Please feel free to pick up one of the IP addresses of the users that are getting blocked, filter audit trail logs by that IP address and let us know what results you get. It would be great if you could provide a screenshot.
This is an example screenshot (logs filtered by IP and audit log results for this IP):
Thank you for your reply and no worries this is a good program that I am liking so far, all the reviews can’t be wrong. Any problem I am sure there are a solution and thanks for explaining this to me and now I know how to search this out.
If you need more info let me know but all the IPs I checked and these reasons are shown for all either the first or the second.
Listed below are the Offenses these members are getting ding for seems all around the login
User “DarthMaul” attempted “login” but Bot checkbox was not found.
Attempted user login by “DarthMaul” was successful.
Auto Black List offenses counter was incremented from 2 to 3.
404 detected at “/pm_login/tact.gif”.
Firstly, happy to hear that you like Shield. 🙂
Thanks for being so very cooperative and for providing additional info about the problem.
The audit trail entry you provided for this user is telling us the following:
1) 1st login attempt failed. User did not check the “I’m a human” checkbox. This triggered Shield offense.
2) 2nd login attempt: He checked the checkbox and managed to login successfully.
What you could try doing is set the Failed Login to “log” instead of incrementing offenses, until you can fully ascertain what’s happening so folk don’t get blocked.
Maybe they forget to check this bot checkbox, or maybe it isn’t showing for them at some point. You’ll need to investigate this…
404 detected at “/pm_login/tact.gif”
means that user tried to load a non-existent page.
You can set this block to “log” only as well (if not already).
This will ensure that your users are not get blocked when they hit the 404s.
You can also review this page, because this can be a non-existent page or legitimate link on your site that is 404.
Hope this helps.
We’ll be here for any further help you may need.
Thank you, I am sure that will solve the problem I am having.
I am still having some issues that are likely site-specific as many use this plugin with no issues.
My users are now not able to login, I can I assume because my IP is whitelisted when user login they just get the error you must be login…nothign happens.
I just had to turn off the entire login protection so user can login.
The same issue as I mentioned before the audit show this.
User “*****” attempted “login” but Bot checkbox was not found.
Attempted login failed by user “******”.
Auto Black List offenses counter was incremented from 0 to 1.
It continues to count them as offenses but I have set that to log as instructed so it is not blocking users now after the limit is reached.
The one issued mentioned bot checkbox was not found? not sure what that is I am not using captcha, also I use a custom login URL because I use a membership plugin.
I have been evaluating now for a while and would like to go pro but these issues are a roadblock if I can get them solved?
Thanks for the update.
You’re not affected because you have whitelisted your IP.
The checkbox in-question here is a checkbox that is automatically inserted into the WordPress login form. (“I’m a human” checkbox)
Shield is founded on using standard WordPress API/hooks/filters. If you are using a custom login form that doesn’t use these standards, then it’s possible that the form doesn’t fire the necessary WordPress hook that allows us to insert the checkbox.
Since you’re using a custom login form, this is why this checkbox isn’t present.
You have 2 options:
1) Turn off the Bot Protection option within the Login Guard module since your custom login form doesn’t support it
2) Or, don’t use a custom login plugin/theme or use one that supports standard WordPress login hooks.
Hope this helps.