Support » Plugin: Custom Login » Question about a web host error message

  • Resolved lauritasita



    I have a question about an error message I got from Bluehost as I was accessing my website while adjusting the settings of this plugin.

    Bluehost suddenly blacklisted my IP address. I called their technical support and they told me the error message I got is usually a result of malware on my computer.

    The message I got while trying to access my website was:

    “Access denied. Your IP address [] is blacklisted. If you feel this is in error please contact your hosting providers abuse department.”

    My first thought was that the host thought I was trying to hack in to the website because of all the modifications on the log in page. I had been going in and out of the site from the log in page almost all day.

    I contacted BlueHost who said I need my client to call them to “white list” my IP address again, but in the meantime, I need to run a malware and virus scan.

    Is there any other reason for this to happen? Has anything like this have ever been reported? This message seemed to come from the web host, not from WordPress.

Viewing 11 replies - 1 through 11 (of 11 total)
  • There have been several other posts about this issue with BH in the past few days. You or your client DO need to contact BlueHost.

    My client called Bluehost, and I am able to access the website again. Everything seems normal again so far, but I am only “white listed” for the next 72 hours. They want me to run a malware and virus scan before I can be permanently white listed again. This is so strange.

    No, it’s because of massive brute force attacks on servers hosting WP sites – huge problem in the past week or so — see:

    @wpyogi – where is the link to the thread about this issue? I like to read it.

    Google will find you MANY more articles on the topic too…

    @wpyogi – Thank you for that bit of information.

    I just ran Trend Micro and it found several troj_gen viruses. I don’t know how I got so many or how I got them. I just hope it wasn’t a result of the plugin.

    Plugin Author Austin Passy


    It’s not from my plugin. If you have a simple password or an “admin” username you could have been hacked. This plugin doesn’t modify login access, just the design.

    Plugin Author Austin Passy


    I’ve got an brute force protection extensions for Custom Login which can be found on

    Hi Austin,

    Bluehost does not think my website was hacked. Here’s what we think happened as a result of using the plugin.

    As a result of applying the new settings for this plugin, I explained to Bluehost support that I was adjusting the settings of a login page styling plugin, and in order to see the results, I had to constantly look at the login page. When there are an excessive amount of hits on a login page from the same IP address, Bluehost will automatically blacklist that IP address.

    I was hitting the login page so many times, that their automated system at Bluehost thought I was a stranger trying to hack into the website. They explained that there’s a lot of that kind of thing going on and by blacklisting an ip address is one way they were trying to protect the website (which I actually think is good).

    They asked me to scan my computer for malware and viruses for hours and everything’s ok.

    I didn’t think your plugin had malware or viruses that I uploaded, but I thought I would ask anyway because so many people have been infected that maybe they might not have been aware of it.

    Bluehost said to give it about 72 hours to make sure I’m white listed again and to call them back if I’m not.

    Thanks for all your help,

    Plugin Author Austin Passy



    Yeah, now is not a good time to load your own wp-login page a few hundred times with all these brute attacks. 🙂

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Question about a web host error message’ is closed to new replies.