Forums » Plugin: All-In-One Security (AIOS) – Security and Firewall » login lockdown IP whitelist Locks EVERYONE except Admin

  • Resolved deadparrotsoftware

    (@deadparrotsoftware)


    After installing and setting up the security plugin,
    suddenly ONLY the admin (our IP) was able to login!
    – HUNDREDS of users were locked out.
    Users got a “forbidden” page from using the “special” login link/page (also setup with your plugin with “rename login page”)

    After a couple of days messing with all the plugins, like wordfence, etc. we discovered if we REMOVE the “login lockdown IP whitelist” code in .htaccess THEN people can login properly.

    Is the function of this setting supposed to lock out everyone except the IP of the admin user? (that tends to happen with code like ‘Require all denied’ in htaccess)

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi,

    Is the function of this setting supposed to lock out everyone except the IP of the admin user? (that tends to happen with code like ‘Require all denied’ in htaccess)

    Yes, that is correct. It will allow those with the IP address added to the following field Enter Whitelisted IP Addresses: to have access to the admin panel in your site. In other words, if you have other users login into the admin panel in your site then you have to add their IP address (As long as it is a static and not a dynamic IP address) to the aforementioned field above.

    Kind regards.

    Thread Starter deadparrotsoftware

    (@deadparrotsoftware)

    Thanks.

    The App doesn’t say that enabling that option will lock out everyone except admin IP.
    We had the impression it ensured admin access even if something ELSE locked down the site.

    You might want to enhance the description in the plugin for that setting.

    Plugin Support vupdraft

    (@vupdraft)

    Hi,

    This is default functionality for a whitelist. No-one can enter except those explicitly listed. I will pass on your feedback regarding labelling to our development team

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘login lockdown IP whitelist Locks EVERYONE except Admin’ is closed to new replies.