repeated security lockouts not logged | WordPress.org

karelles
(@karelles)

8 years, 10 months ago

A client is experiencing being locked out, even when he’s using the correct password. I understand that someone else may be using the username and getting him locked out, but what’s weird is that it’s not being logged – either the invalid user or the valid user getting locked out. So when it happens I can’t even go in and release the lockout!
And worse yet, I’ve tried whitelisting his IP (and the IP is staying the same) and that has no effect.

I’m thinking I may make another user for his admin account and turn this one into less privileges or delete it entirely but that won’t address the reason why it’s not being logged and whitelisting doesn’t work.

https://wordpress.org/plugins/better-wp-security/

Viewing 1 replies (of 1 total)

iThemes Support
(@ithemes-support)

8 years, 10 months ago

Hey Karelles,

Is the whitelisted IP making it to the database? It’ll be in the itsec_global row found in the yourprefix_options table. Copy the option values and place them in an editor so they’re easier to see.

Do you have the logging set to database, file or both? Is anything else not getting logged?

Thanks,

Gerroald

Viewing 1 replies (of 1 total)

The topic ‘repeated security lockouts not logged’ is closed to new replies.

Tags

In: Plugins
1 reply
2 participants
Last reply from: iThemes Support
Last activity: 8 years, 10 months ago
Status: not resolved