I just started getting the error today, though it may have started sometime in the last few weeks as I haven’t logged in recently.
It seems to be break sever wide. I manage a handful of WordPress sites on a three different servers. Once 1 site has a redirect loop error, all the sites on the same server get the error. I’m not really sure if this helps anyone with a fix, but I think it might shed a little light on the problem.
I’ve also read that this plugin is not supported and the developer(s) aren’t responding to help emails about this issue. I would suggest moving on to another brute force security plugin and periodically check back on the status of Login Lock. It could be lights out.
I’m seeing this same issue as well. I shut off the Enable the password policies and it still is expiring my passwords. This plugin has a LOT of bugs in it that remain unfixed. I”m not sure the dev is really updating it.. =(
I just had this issue: Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects (Chrome) and The page isn’t redirecting properly (Firefox). It came out of nowhere and I wasn’t able to log-in to my site.
Once I removed the plugin login-lock I was able to login without any other changes.
I added the plugin login-lock back and I couldn’t login.
Finally I just removed it, I’m looking for another plugin of the sort.
Got this message today on two of my websites (which are in two different host). After I manually deactivate the plugin by going to phpMyAdmin both website started working again.
Yeah. I’m thinking this plugin is not going to be updated by the developer. I’ve switched over to LoginLock. It’s not as robust, but still is good for protecting against brute force attacks.
Also, you can always deactivate a plugin by simply renaming or moving the plugin folder. It’s a bit easier and doesn’t require messing around in the database. Just another option.
Cheers!
I got the same problem after 30 days I have installed the plugin. The problem arises when the plugin wants to force you to change the password.
Once you get the redirection loop just open the site home page (at that moment you are already logged in) and you will see a page asking to enter a new password: enter the new password and you will be redirected to the dashboard.
π
Yeah, this might not actually be a bug, but the amateur looking page that you can’t get rid of without clearing the browsers cookies looks like something created to do harm.
This had me scanning my computer for viruses repeatedly before I tried disabling plugins. I sure had a higher opinion of this plugin before all this.
And the fact that they don’t respond to emails after their website encourages us to email them… all this has me smelling something phony and maybe it needs to be removed from the repository.
Has anyone gone through the code line for line to see if they are even legit?
Just wanted to add my 2 cents here. For me the plugin stopped blocking login attempts at all and so is essentially worthless now. Tried to contact the developer and got no response. I don’t think the developer is active with his website or plugins and I have removed login lock from my site.
Anyone know if login lock makes any other changes to the database than just adding the wp_login_fails and wp_lockdown tables?
Deleting the plugin did not remove these tables so if any other changes were made they are probably still in there.
Not sure what happened to this plugin.
Thanks.
I have just noticed this problem on my sites, the plugin is broken.
Clearly the plugin is broken and then I tried to visit the site and the certificate expired so I didn’t go any further. I can’t even email them. Dammit. I liked this plugin but the redirect loop issue is scary. I wonder if someone else had tried to visit my site and got that redirect would have been able to enter a new password and take over. Oh well.
Funny thing is there’s a link to donate to the site on my page. Yeah, right. It’s gotta work to get my money (and I DO donate to some that work well).
And since I notice there are no responses here from them, guess it’s dead.
IMPORTANT UPDATE – THEIR TWITTER FEED TODAY 6/21 SAYS SOMETHING ABOUT HACKING. Again, didn’t click link because their site certificate isn’t right. https://twitter.com/wpsecurity/status/83341473415827457
that’s about wordpress’ repository being hacked. nothing to do with WPSecurity.
as for their certificate, it just expired. just means they’ve been too lazy to update it. but for a security site, somewhat sketchy.
also that post is from a year ago (note the date – 2011, not 2012)
