Support » Plugin: Shield Security: Protection with Smarter Automation » BUG: blacklisted while whitelisted

  • Resolved tomdekok

    (@tomdekok)


    Hi Paul,

    I love the plugin, but the whitelist/blacklist functionality doesn’t work right. To make sure I am not locked out while testing things, I’ve whitelisted myself, both v4 and v6 IP. However, that doesn’t work at all. I am being blacklisted while testing all the time.

    How can I make sure that I am not blacklisted from now on?

    Thanks in advance!
    Tom

    EDIT: I just added the v6 IP again and not I am assured that I will never be locked out again. First time I got that message, so I will keep my fingers crossed! 😀

    • This topic was modified 6 months, 3 weeks ago by  tomdekok.
Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author One Dollar Plugin

    (@onedollarplugin)

    Ahh okay, perhaps something was going wrong with the whitelist IP addition, or IP detection which wasn’t recognising your visitor IP address as you expected it.

    Keep us posted if the problem persists.

    Hi there,

    Thanks for responding! I thought it was fine now, but somehow just now I got kicked out again. I am still sitting in the same spot, i.e. IP address, and for some dark reason I am thrown out. But I am still doing the same stuff, testing account logins, etc.

    Adding: I just realise I currently have dynamic IP addresses. This isn’t the case normally, so when I added my IP again, I saw it was different. Hard to notice sometimes as they are V6 and really, really look alike 🙂

    I will be switching to static IP soon again, but I assume this is the case for many people out there using Shield.

    Any suggestions as to how to prevent this from happening with a dynamic IP?

    Best regards,
    Tom

    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    If you have dynamic IPv6, then whitelisting isn’t going to help you here.

    What you need to do is find out the reason you’re triggering the firewall and white list it

    This may help:
    https://icontrolwp.freshdesk.com/support/solutions/articles/3000079746

    Thanks for the article. The problem appears to be this:

    “User “harry” attempted to login but GASP checkbox was not present. Probably a BOT.”

    This is not correct at all, this user and other users – with which I am testing a complicated login structure – appear as a bot. Even though the login is successful, the counter is incremented. This should not happen, obviously.

    Also, next to the counter it is stated: (Your IP). This makes it even more strange. Apparently Shield knows this is the current admin working on that IP and then still the counter is incremented assuming it is a bot.

    I resolved this by turning off the login form protection. This is not the best thing to do, so if there’s another way, please let me know!

    Thanks in advance!
    Tom

    • This reply was modified 6 months, 3 weeks ago by  tomdekok.
    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    So if you have a “complicated” login structure – which I assume means you’re using 3rd party plugins that aren’t firing standard WordPress hooks – then yes, this is going to happen. You’ll need to keep login protection turned off since if your login forms aren’t firing WordPress hooks, or we haven’t built a specific integration to the particular login forms you’re using, it’ll not work.

    The user is being flagged as a bot because he didn’t check the checkbox to say he wasn’t. Whether or not the checkbox appears on the form, the checks will still run on the backend.

    Okay, clear. So how do I solve this? Since many, many websites contain third party login forms, like this one, just turning off login form checks is not a solution.

    As a developer for many large companies in the past I have integrated professional plugins to enable better logins. I cannot imagine Shield does not provide a solution here?

    I am assuming that the backend login is not protected now either?

    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    We offer support (insofar as it’s technically possible) for 3rd party integrations, and a lot else besides, for paid subscriptions only (https://onedollarplugin.com/products/shield-security/pro/).
    If you’d like to discuss this further, please contact us here: https://support.onedollarplugin.com/form
    ..as this forum is not the appropriate place to discuss paid/premium subscriptions.

    Thanks!

    Okay, no problem, I have Pro. Will contact you through the form, thanks!

    Plugin Author One Dollar Plugin

    (@onedollarplugin)

    No problem, chat with you there.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘BUG: blacklisted while whitelisted’ is closed to new replies.