Hello @mobber79,
Thank you for taking the time to share your feedback, and I genuinely appreciate your frustration. Your concerns are valid, and I want to address each of them directly.
First, I want to acknowledge the real problems you’ve experienced:
Lockouts are frustrating, especially when you’re a technical user. Security plugins blocking legitimate traffic is a documented issue in the WordPress ecosystem, and you’re not alone in experiencing this. I also understand your concern about site performance and SEO impact. These are legitimate considerations, and your scepticism is well-founded given the circumstances.
About the random lockout:
Lockouts rarely happen without a reason, but the reason isn’t always obvious. This is precisely why we ask users to open support tickets. We’re not trying to hide behind a support wall, we’re genuinely trying to help you personally. Security lockouts can be triggered by multiple factors: IP address changes (VPN, network switches), automated bots mimicking legitimate traffic, firewall rules responding to suspicious patterns, or even accidental triggers from your own monitoring tools. Without access to your specific logs and configuration, we can’t tell you exactly what happened, but with a support ticket, our team can investigate your actual case and provide a tailored solution.
We’ve documented common causes and prevention methods extensively in our troubleshooting guide here: https://teamupdraft.com/documentation/all-in-one-security/troubleshooting/why-am-i-being-redirected-to-127-0-0-1/, but I recognize that this requires extra effort to find and implement on your own.
On performance and SEO concerns:
You’re right to suspect a connection. Security plugins can impact site performance, though typically by 1-2% when properly optimized. Regarding legitimate bots being blocked: this is a real edge case that happens when firewall rules are too aggressive. Google’s crawlers can sometimes be flagged if your rules don’t properly verify bot authenticity. To avoid this, please navigate to Firewall -> PHP Rules -> Internet bot settings and uncheck “Block Fake Googlebots.” This is the quick answer you were looking for, and I am deeply sorry it wasn’t public and easily accessible for you.
Here’s what we’re actually doing about this:
We’re actively working on improvements to address your exact concerns:
1) Better unlock mechanisms: We’re building easier self-service unlock methods so you don’t need to rename plugin folders or contact support
2) Improved UI clarity: We’re redesigning the interface to make it clearer why lockouts are happening and how to prevent them
3) Better bot verification: We’re improving our firewall to reduce false positives
What I’d genuinely like to offer:
Instead of just accepting your 1-star review as final, would you be willing to open a quick support ticket? Our team can:
- Review your specific lockout logs
- Check if there’s residual configuration causing issues
- Help you configure the plugin optimally for your use case
- Explore whether a different security approach might work better for your site
You deserve a technical conversation with someone who can actually troubleshoot your situation, not generic forum replies.
If after that conversation you still feel the plugin isn’t right for you, that’s completely fair, and we’ll support your decision. But I suspect once we see your specific logs, we can either solve the problem or at least give you a clear understanding of what was actually happening.
Would you be open to reaching out?
Best regards,
Alexandru Bucsa
Product Manager, All In One Security
