Support » Plugin: iThemes Security (formerly Better WP Security) » IThemes says Users are Blocked but they are not

  • I have been testing the 404 detection part of the plugin, I run a scanning tool from a completely separate IP to the one I am configuring iThemes with, I then receive a huge amount of notifications telling me the IP has been blocked. I then attempt to access the website from the blocked IP and can access it perfectly fine.. No blocking seems to have occurred at all.

    I am using NGinx, so not sure if that has anything to do with it?.

    Thanks in advance

    Will

Viewing 1 replies (of 1 total)
  • When testing the brute force functionality of the iTSec plugin there are a couple of things you need to keep in mind.

    First of all the IP of any user with the manage options capability that successfully logs into the WordPress Dashboard is automatically whitelisted (max 24 hours).

    Next, the iTSec plugin distinguishes between a temporary lockout and a permanent ban.

    Not sure why but I get the impression your “notifications of IP has been blocked” is actually a temporary lockout (which by default expires after 15 minutes).

    The Release Lockouts sidebar widget should show you the temporary host lockout.

    By default after 3 host lockouts from the same IP within 7 days the IP is permanently banned.

    When the iTSec plugin permanently bans an IP it writes the IP to the nginx.conf file as configured by the NGINX Conf File setting in the Global Settings module. Let’s call this the plugin nginx.conf file.

    In order for it to have any effect on NGINX the file needs to be included in the main nginx.conf conf file!
    AND after any change to the plugin nginx.conf file the nginx process needs to be stopped/restarted OR the nginx conf reloaded for the change(s) to have any effect …

Viewing 1 replies (of 1 total)
  • The topic ‘IThemes says Users are Blocked but they are not’ is closed to new replies.