spook68
Forum Replies Created
-
Pie R: 3.6.2
WP update most likely from 5.5.2 because the site updates minor updates automatic.BR, Casper
Rechaptcha settings seemed to be off on the registration page. I visited the settings page and then the edited the registration page again. now it seems to work ok again.
This does not look like a helpful answer to me but I can’t replicate it anymore.- This reply was modified 5 years, 6 months ago by spook68.
I tested with only AIOWPS as active plugin.
The IP address is from my mobile, retrieved with https://www.iplocation.net/
Blacklist manager is on, IP is blacklisted.The site is still accessible…..
What can be wrong?
You can close this question. It was an email setting on the email server, not on the site.
BR, Casper
Hello
Can you please inform us what user registration plugins AIOWPS is tested with?
My guess is that there are more users out there who are using some kind of registration form & login page that is different from the standard WP login page.
If the locking issue is related to a particular plugin it would help solve the issue.
If AIOWPS does not handle login plugins correctly in general I would appreciate if it would be solved in one way or another.As mentioned in the tread I use Pie Register: https://wordpress.org/plugins/pie-register/
It is the “Bad Query String” setting. Should be off
I got mail:
Hi,
There is a firewall setting in AIOWPS which is restricting PR verification url to execute. Go to WP Security > Firewall > Additional Firewall Rules, in Bad Query Strings section, disable Deny Bad Query Strings option. It will resolve 403 error.
Meanwhile, can you please replace the attached Plugin files with the existing plugin. Let us know, if it works and we will fix the issue in our upcoming plugin release.
Thanks,
Best Regards,
________________________________
Support Team
Pie Register
http://www.pieregister.comThe solution works. Good support!
Thanks!What registration and login plugins has AIOWPS been tested with?
The reason I use PR is that I can request additional information in the registration form and the login page is not the default one anymore. This makes it more difficult for scripted attacks.
If I use Pie Register only the verification works.
When AIOWPS is also active it does not work anymore.To me it seems that both plugins are causing the conflict.
Is there a solution for this issue?
What registration plugins have you tested AIOWPS with?
Due to the nature of the valid users the number of 30 is ok. If a script is attacking the site I get 30 requests in a minute… That’s fast enough right now
When I do tests I do keep the settings in account.
– If I only have AIOWPS active the site redirects to 127.0.0.1 when using a blacklisted user name.
– When I activate Pie Register also the site stops redirecting. And I can login with another user account. This is not what I expected.Can it be the nature of the redirection of the login page Pie Register uses? I made separate pages with the codes of PR: [pie_register_login] , [pie_register_form]
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Blacklist, is it working– I put the IP of my iPhone in the Blacklist.
– Only AIOWPS is active.
– When I try to reach the site it is possible to load the home page and other pages
– I re-checked the IP of the iPhone and it is still the same.Enable Login Lockdown Feature: on
Allow Unlock Requests: off
Max Login Attempts: 30
Login Retry Time Period (min): 10
Time Length of Lockout (min): 60
Display Generic Error Message: on
Instantly Lockout Invalid Usernames: on
Instantly Lockout Specific Usernames: including: admin, ADMIN Administrator etc
Notify By Email: on
Enable Login Lockdown IP Whitelist: on
Enter Whitelisted IP Addresses: my IPI tried with an account name from the blacklist and I could still log in with a different account.
I tried to log in from a blocked IP address and this was also possible.I can share the rest of my settings but not on the forum.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Blacklist, is it workingI tried the following:
* Settings >> Permalinks : saved again
– No result
* Tried to log in with a user account on the instant logout list:
– The login page appears again with a error message of wrong account/password and I’m able to login again.
* Added an IP address to the blacklist and tried to login from the blacklisted IP address
– I can login & can uses the administrator account to edit the siteIs this normal behavior?
If not what can be causing these errors?Thanks for the response.
I tried the suggestions but they don’t work.
Is the 403 error related to a possible wrong permission in the folder structure on the server? If so what should it be?Where can I send the details?
I don’t like to share them in public.Thanks.
- This reply was modified 7 years, 4 months ago by spook68.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Blacklist, is it workingI checked with my ISP and the .htaccess should be working ok.
The list in the .htaccess file is called by a script and /or setting I presume. How can I check this is working?