If you are the admin and are locked by the lockout feature and you do not want to wait the whole period of the lockout time you could deactivate the plugin using FTP:
http://www.tipsandtricks-hq.com/deactivate-wordpress-plugins-without-logging-into-wp-admin-video-tutorial-4375
Also, I have noticed that you have been having a lot of confusion and trouble when using our plugin. Have you considered trying one of the other security plugins available? Perhaps one of them might match your needs more closely.
It suits my needs IF it worked properly. I whitelist my IP and it locks me out. Htaccess doesn’t. have my IP. So I come here for help, not to be told to use another plugin. Aren’t you here to help? I might duplicate my questions as they happen on different sites and I have no memory due to a brain illness five years ago. I sound like a stupid newbie now but five years ago wrote plugins and wrote php for my sites.
It is embarrassing to have to ask or help for simple problems. But when a plugin doesn’t work right, you should offer to fix the issue, not berate me for asking. It just frustrates me and makes you look unhappy people use your plugin.
I would appreciate a solution to being blocked while whitelisted in .htaccess yet not blocked there.
@sicksquirrel,
My intention was not to upset you but instead offer suggestions to help you and maybe save you some time.
Sometimes different plugins appear to suit certain sites better than others which is why I mentioned that maybe you can try some of the other security plugin options available.
I would appreciate a solution to being blocked while whitelisted in .htaccess yet not blocked there
If you are using the white list feature, then try disabling the “login lockdown” feature to save you the headache of being blocked for a period of time. The whitelist should be ample protection for your admin/login page.
Also you should probably disable the brute force feature too if it is causing you issues. This is why we offer multiple solutions for protecting login access because not all will suit every person.
I whitelist my IP and it locks me out. Htaccess doesn’t have my IP
Are you saying that when you enable the white list feature and enter your IP address in the settings, that your IP address is not appearing in the .htaccess file in between the #AIOWPS_LOGIN_WHITELIST_START/END tags?
Hello @sicksquirrel please check this tutorial and let me know if it helps you.
Kind regards
I have 5 sites that is using this and now they are all resolving to 127.0.0.1.
What gives??
@woodpecker34,
You have most probably also activated the brute force prevention feature in the firewall settings.
Please read this to learn how it works:
http://www.tipsandtricks-hq.com/all-in-one-wp-security-plugin-cookie-based-brute-force-login-attack-prevention-feature-5994
Just want to add that the cookie based brute force prevention feature is not going to work for everyone and every site. Lot of factors outside the plugin can affect how it works (we have no control over your server setup and stuff like that). Hence we didn’t label that feature as a “Basic” feature. Stick with the basic features first.
Use the login captcha feature as an alternative brute force prevention. Tutorial on how to use that feature is here:
http://www.tipsandtricks-hq.com/implementing-captcha-on-your-wordpress-login-page-6541
What happened is that the .htaccess file is blocking access. When I restored the old file, it let me in.
Would that have been caused by the brute force option?
Would that have been caused by the brute force option?
It is highly likely because the brute force feature adds rules to your htaccess file.
Ok, I read everything and went to change settings. 24 hours later, I’m still blocked. Off to deactivate via FTP.
Ok, got in, tried to get to Settings but it went to the login page. Remember, I haven’t been logged in for 4 days.
Your session has expired because it has been over 60 minutes since your last login. Please log back in to continue.
ERROR: Login failed because your IP address has been blocked. Please contact the administrator.
Now, this confuses me. I got in after four days but my session expired? And my IP is STILL blocked?? How do I get in????
This brings me back to my original question. If I’m not in .htaccess, how do I unblock my IP? I will disable/enable/reconfigure once I get in (if I ever do).
Edit: I deactivated, updated my password, reactivated but it went to login. Still blocked.
Just want to add that the cookie based brute force prevention feature is not going to work for everyone and every site. Lot of factors outside the plugin can affect how it works (we have no control over your server setup and stuff like that). Hence we didn’t label that feature as a “Basic” feature. Stick with the basic features first.
Use the login captcha feature as an alternative brute force prevention.
I can’t because I use a plugin (InfiniteWP) that logs into my site to scan/check various things. I’d LOVE to use captcha …
ERROR: Login failed because your IP address has been blocked. Please contact the administrator
10/31/2013 7:51 PM] – SUCCESS : Force Logout – This user logged in more than (60) minutes ago. Doing a force log out for the user with username: bleep
[10/31/2013 7:51 PM] – FAILURE : Error inserting record into wp_aiowps_login_activity
I went looking in your directories for an .htaccess file, to unblock me. I can’t find one. But I found a file showing lockouts and such. As you can see above, it forced me out but I never logged in as I’m banned.
Then there is an error entry which I don’t understand but thought you should be aware. All I know is 24 hours after being blocked, it gives the force logout and says I didn’t log out error. It contradicts itself. Meanwhile, I can’t get in or unban myself.
I need to unblock my IP. Please. I keep asking how without deactivating the plugin since that doesn’t work.
Hello @sicksquirrel do you have any other security plugin that might be blocking your IP address?
Kind regards
@sicksquirrel,
Please contact us using the following link so we can take a quick look at your site:
http://support.tipsandtricks-hq.com/contact
