Hi @dcart87
- You say here the force logout is not on WP security > User login > Force logout. Do you have cookie-based brute force on? If yes make sure My site has a theme or plugins which use AJAX is enabled. It might be after 15-second ajax call-making issue. If still issue. Rename the plugins folder “all-in-one-wp-security-and-firewall” to “all-in-one-wp-security-and-firewall-deactivated” at location /wp-content/plugins/all-in-one-wp-security-and-firewall It will deactivate the plugin and cross-check the AIOS is actually making issue or something else and let me know.
2. WP Security > Miscellaneous > WP REST API Can you please cross check the Disallow unauthorized REST requests: is not checked ?
Regards
1: cookie-based brute force was not switched on.
2: this was not checked.
I’ve disabled and deleted the plugin since I can only navigate to a few pages then it kicks me out.
Hi @dcart87
Ok, It seems a strange issue. that it logs you out and also the REST API does not work though Disallow unauthorized REST not checked. Can you please share with me aio_wp_security_configs option value? using https://pastebin.com/ with the option burn after read so it will be secured and can be read once only.
SELECT * FROM wp_options WHERE option_name LIKE '%aio%'
https://snipboard.io/AVyaWZ.jpg
Also can you please let me know what hosting are you using?
Regards
I’ve reset the plugin and removed all the rules, then re-enabled. The issues seem to have gone.
The only concern now is the IP address connection settings – the yare set to default but it’s asking me to confirm. Don’t know which one to choose – contacted hosting they don’t know either
Hi @dcart87
You should cross check https://whatismyipaddress.com/ showing your IP matches the detected IP address by AIOS in WP Security > Settings > Advanced settings.
Please check that and if ok you can confirm it.
Regards
This appears to cross check ok thank you
