Support » Plugin: Limit Login Attempts Reloaded » Logging wrong IP address?

  • Resolved smartysmart34


    Hello all,

    I have a site that is set up using nginx as gateway host. So the nginx gateway receives the external requests and – if it is related to WordPress, passes it on to
    My issue is that since the last update – instead of logging the address specified in the header X-Forwarded-For, the plugin seems to trigger on the host address But then, not only do ALL connections come from there, it also locks me out of the site regardles which network I connect from.

    Is this a known issue? Any suggestions what I might want to look for here?

    Thank you and kind regards,

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author WPChef


    Hello Martin,

    The plugin doesn’t trust any IP addresses other than _SERVER[“REMOTE_ADDR”] anymore. Trusting other IP origins make protection useless b/c they can be easily faked.

    To handle your situation we recommend you to configure your server so it populates the _SERVER[“REMOTE_ADDR”] variable with the values from the X-Forwarded-For header and only if your trust those values.

Viewing 1 replies (of 1 total)
  • The topic ‘Logging wrong IP address?’ is closed to new replies.