Support » Plugin: Cerber Security & Limit Login Attempts » Site Blocked my IP, now can’t login.

  • Resolved videogamerumors

    (@videogamerumors)


    WP Cerber has no indication of why this is happening anywhere in the config, plugin, etc. I am now permanently banned from my own site with no way of resolving the issue. Even uninstalling WP cerber does not allow computers on my home network to connect to my wordpress installation in the cloud.

    I mistyped my username.

    WP Cerber was set to immediately block IP after inputting non-existent username.

    In Cerber activity it shows that my IP was blocked.

    Cerber blocked list does not indicate that any IPs are blocked.

    Still cant connect to my WP unless I use my phone’s hotspot to give my laptop internet, instead of home router.

    Is there a way “behind the scenes” to reset this permission- or to change whatever file WP cerber modified to block access?

    As of now this is completely destructive with no ability to resolve. Disgusting.

Viewing 15 replies - 1 through 15 (of 27 total)
  • Plugin Author Gioni

    (@gioni)

    Hi!

    How do you know that Cerber has locked out your IP after using non-existing username? If any IP address is locked out by Cerber, you see that address on Lockouts tab in the WP dashboard. No exceptions.

    If you, like you said, has deactivated the plugin, Cerber stopped blocking any IP immediately. Please check other plugins, site settings, etc. for the cause.

    Plugin Author Gioni

    (@gioni)

    Unlike other plugins, Cerber does not modify ANY system/website settings. Neither ANY files on your website.

    Deactivating the plugin turn off the Cerber engine completely.
    Deleting the plugin folder turn off the Cerber engine completely.

    If you think that Cerber is the cause of some issue, just remove the plugin folder. It’s safe.

    http://i.imgur.com/cI35abw.png

    videogamerumors

    (@videogamerumors)

    My IP was blocked in Cerber. This is indisputable fact. From that exact moment on, I have been unable to access the site with any device behind the IP address that received the block.

    Everything else connects just fine.

    The Access List / Blocked page does not have any entries. I have even whitelisted the ip / range. No fix.

    WP Cerber banned me from my own site.

    [Edit 1]: Furthermore- the Lockouts (even from the exact moment of blocking the IP) table has been empty when viewed from the WP console.

    [Edit 2]: WP Cerber obviously does store something somewhere other than in the Plugins folder, as after removing it entirely then re downloading and installing a fresh version restores previous entries in the history.

    Plugin Author Gioni

    (@gioni)

    If you see no IPs on Lockouts page, the plugin currently doesn’t block any IPs except IPs from the Black IP Access List.

    If you put your IP on the White IP Access List, your IP will never be locked out under any circumstances.

    The plugin does not store anything somewhere other than in database tables of a website at all.

    avpman

    (@avpman)

    Try some basic troubleshooting steps.

    1) Get your ip address http://get.youripfast.com/
    2) CALL your hosting provider and ask them if THEY have blocked your ip for any reason.
    3) Rename the cerber plugin folder wp-content/plugins/wp-cerber to wp-cerber.bak (this will disable the plugin.) You can use filemanager in cpanel to do this.
    4) Now try to login. If disabling the plugin allows you to login now then it’s wp-cerber’s problem, otherwise it’s something else.

    • This reply was modified 4 months ago by  avpman.
    Plugin Author Gioni

    (@gioni)

    @avpman Thanks for your ideas!

    @videogamerumors Make sure that your website is not behind a proxy. Make sure that you see your IP address on the Activity tab as it shown on http://get.youripfast.com or https://www.whatismyip.com/. If your website is behind a proxy, go to Main Settings page and check My site is behind a reverse proxy.

    videogamerumors

    (@videogamerumors)

    @ avpman- First things first, I am a full-time Network Engineer professionally. “Some basic troubleshooting steps” are what I have most assuredly already completed. That tone doesn’t help the issue at hand.

    Responding to your instruction step by step:

    1.) IP and entire Subnet verified both externally and internally.
    2.) Hosting provider and ISP on both sides are not blocking traffic either direction regarding the 2 ip’s in question.
    3.) WP-Cerber plugin removed, renamed, re-added from backup, re-added from core, etc.
    4.) Disabling the plugin did not restore access.

    read next section before responding–

    @gioni: Website is not behind a proxy. Router is not behind a proxy.

    The very instant that WP Cerber BLOCKED IP, the router and all devices behind it lost access to the server. IMMEDIATELY checking the site access from other networks showed two things: 1.) ONLY this network was blocked, and 2.) NOTHING was indicated on Lockout page, only on the activity history page.

    To finalize: completely removing the entire WP-Cerber plugin, then installing a NEW and FRESH install did “NOT” install a NEW and FRESH installation. It retained all activity logs and settings.

    THUS: WP-Cerber is either modifying or storing files somewhere OTHER than in it’s own Plugin folder.

    Where does WP-Cerber SPECIFICALLY block an IP address? Which file exactly?

    This is beyond infuriating; the plugin blocked network connectivity, immediately reported it, but did not display it through block logs. This plugin is screwing me real hard right now.

    Plugin Author Gioni

    (@gioni)

    You said “Disabling the plugin did not restore access”, and therefore that means that your IP address is blocked somewhere else because:


    Deactivating the plugin turn off the Cerber engine completely.
    Deleting the plugin folder turn off the Cerber engine completely.
    The plugin does not store anything somewhere other than in database tables of a website whatsoever.

    The plugin logs activities to the cerber_log table and stores locked out IP addresses in the cerber_blocks table.

    Plugin Author Gioni

    (@gioni)

    @videogamerumors Hi! How is it going?

    videogamerumors

    (@videogamerumors)

    As of today- the problem is no longer interfering with my ability to access the site because I managed to get my ISP to change my IP address– this took 36 hours of waiting for a DHCP reservation to fall of, meaning WP Cerber took my home out of internet commission for 36 hours, and prevented access to my website itself for a few days.

    This is still very much a fatal design flaw in the implementation of WP Cerber that makes it an unreliable and dangerous tool that WILL block communications to your server and not indicate how to remove this block from being in effect.

    In troubleshooting; I removed everything from the site in attempt to isolate the issue to anything other than WP Cerber (the plugin that did the initial block– view the image I submitted earlier in this thread for the proof).

    Nothing resolved the issue. The exact IP that WP Cerber blocked was unable to reach the front end of the wordpress site (lo-and behold, the only part that WP Cerber has ability to access– devices behind that fronting WAN IP were able to get through to the server just fine).

    Here is an issue that needs to be resolved, and is a reiteration of above: if you completely remove WP Cerber’s folder from the Installed Plugins root folder, then install a COMPLETELY NEW AND FRESH INSTALL, it will retain 100% of the prior configuration and activity history. This flies in direct disregard of Gioni’s statement that the Plugin Folder is the only location WP Cerber stores data.

    This means that WP Cerber is unreliable, untrustworthy, and ultimately a damning piece of software. If the author’s words fly in the face of truth, don’t trust their code.

    James

    videogamerumors

    (@videogamerumors)

    @gioni – though I am very frustrated with this down time, I can’t say that I don’t appreciate you responding to posts here and at least making a small effort to offer assistance.

    The outcome of this situation has left me unable to trust your plugin simply because of the software’s actions.

    From all appearances, you work hard to better the WordPress community at large. If this is truth, then I appreciate the effort you put forth. Again, because your plugin screwed me so hard, I have no ability to have faith in its effectiveness- if it fails on small things, how can I know it’s going to work on big things?

    Take this for what you will. If I am ever able to root out the file that WP Cerber actually wrote into in order to permeate the block, I will publish that information to hopefully prevent someone else from suffering this same issue.

    James

    Plugin Author Gioni

    (@gioni)

    Thank you for your explanations and all your attempts to get the plugin working on your website. Unfortunately, I cannot accept all of your conclusions and bad words about the plugin. And unfortunately, you didn’t hear me when I told you that the plugin saves everything in the DB of a website, doesn’t block any IP in the White IP Access List and stops working after deactivating. Sadly, but you still don’t realize that the real cause of your issue is not the plugin and you, sadly again, consider it as an easy target for blaming.

    I will not continue this non-productive discussion anymore. I hope you’ll get a better experience with another plugin.

    nintendeal

    (@nintendeal)

    Hey Gioni,

    Appreciate you trying to support this issue. I’m actually experiencing the same exact thing. My problem is that my outside IP address will never changed (this entire building is NAT’d to one outside address). There were two attempts with a nonexistent username from this building and now I am unable to access the site from here. I can, however, access it from everywhere else I have tried.

    I removed the lockout and even set the IP address in the whitelist, but I’m still unable to get to the site. Works on my phone, works from other buildings (with other outside IP addresses).

    I attempted to disable the plugin, but I’m still not able to get to the site from this one IP address.

    Thoughts?

    videogamerumors

    (@videogamerumors)

    @gioni – two things are true.

    1.) You have an issue that is affecting multiple users due to somewhere that WP Cerber is blocking “failed username” login attempts.

    2.) WP Cerber stores information SOMEWHERE outside its own plugin installation folder. This I have verified multiple times by deleting the entire plugin folder and rebuilding the plugin database from scratch (meaning 0 plugins). After then downloading a new version of the Plugin directly from this site and dropping those files into the NEW Plugins folder, WP Cerber has a complete log and all its original settings from before the directory rebuild.

    This issue either A.) Needs to be resolved, or B.) this plugin needs to be pulled from the market until further troubleshooting can resolve this issue.

    James

Viewing 15 replies - 1 through 15 (of 27 total)
  • You must be logged in to reply to this topic.