Hi,
In the whitelist settings page there is a field called “You Current IP Address”. Did you also enter that address in the whitelisted box?
You can also enter address ranges too by using the “*” character.
-
This reply was modified 6 years, 9 months ago by wpsolutions.
Yes, all the IP addresses of the people using the site are in the list. And end up in the htaccess snippet pasted above. You get a 403 regardless of if your IP is on the list. As I said the server IP and the cloudflare IP were added as well, but 403’s across the board
Any progress or thoughts on this yet?
Hi Adam,
Which version of AIOWPS do you have installed?
When you compare your IP address in the AIOWPS “You Current IP Address” field to that from an external google check, are they the same?
I’m not entirely sure why you are seeing such behaviour and I can’t reproduce it on several of my sites. This leads me to believe there is something unique to your web server setup which is causing this.
It could be that the IP address which the AIOWPS plugin thinks is your actual address differs from the IP address your server is comparing this to at the Apache level.
I recommend that you ask the host support guys regarding the behaviour you are seeing.
Show them the white list .htaccess code and ask them why all of the IP addresses in the whitelist are being blocked. This usually means that the server thinks you have a different IP address to the “whitelisted” addresses.
You can also try the following wp-config.php modification which fixed someone else’s issue related to IP address calculation (see my response in the following thread):
https://wordpress.org/support/topic/wp-security-doesnt-recognize-external-ip-addresses/
(if you do the above modification, go back into the whitelist settings and verify if YOUR IP address shown by the AIOWPS is different from what you had last time. If so, enter that into the whitelist settings too and see if that fixes your issue)
I am doing some experiments. Latest version of the plugin. Now it seems like the Login Lockdown IP Whitelist Settings settings have no effect at all. htaccess is not changed to add the <FilesMatch “^(xxx)”> markup.
So when you check the ‘Check this if you want to enable the whitelisting of selected IP addresses specified in the settings below’, it has no effect on the site or htaccess any more.
htaccess is not changed to add the <FilesMatch “^(xxx)”> markup
Does the AIOWPS write anything at all to the .htaccess file? For example, when you enable one of the firewall rules do you see evidence of that rule in the .htaccess file?
Did this strange behaviour start recently? My understanding is that once you were seeing the whitelist directives in the .htaccess file – is that right?
Yes. AIOWPS pretty much is a mechanism to write rules to htaccess. I might be crazy, but it seems like that feature stopped writing the filesmatch rules all of a sudden.