“Invalid Cookies”, login denied

  • monomatic

    (@monomatic)


    3 years ago

    We occasionally see users denied login due to “Invalid Cookies”, and eventually locked out.

    These events usually show the user was denied login on the root of the site “/” rather than “/my-account/” or “/checkout/” etc.

    I have tried to disable and open up wp-cerber anti-spam as much as I can in the admin options.

    It’s unclear what has happened, any ideas?

    Screenshot of activity log:
    https://ibb.co/0C8BdwX

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author gioni

    (@gioni)

    It can be:

    1. An admin changes the user password while the user is logged in and browsing the website.
    2. Someone tries to use stolen cookies to hijack the user’s session. And this is the reason why an IP will be eventually locked out.

    Those events may occur on any page. The upcoming release of WP Cerber will handle them more effectively, so you will see fewer of them in the logs.

    Plugin Author gioni

    (@gioni)

    Please install the latest version of WP Cerber.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘“Invalid Cookies”, login denied’ is closed to new replies.