• Resolved Lea

    (@leac)


    Hi,

    We’re experiencing a redirect to 127.0.0.1 because of the “Enable login lockdown feature” feature, and we’d like to understand it more.

    My first question is: When a user gets locked out of the site, they don’t only get locked out of wp-admin, but they can’t even access the site’s homepage. Is that the way it’s supposed to be? is there a way to change this behavior? We want the homepage to always be accessible.

    The second question regards the IP that is locked out. As I stated in a previous issue, we have a WAF on the server, and your plugin treats all users as having that WAF’s IP, and that’s not what we want, since it means that of a user accidentally locks themselves out, all users are locked out. However, when I got to WP security > Settings > Advanced settings, I see that my detected IP address according to Cloudflare, ipify (IPv6) and ipify (IPv4) is my real IP, but what is shown in the dropdown (“Choose a $_SERVER variable you would like to detect visitors’ IP address using”) is the WAF IP. Is there a way to make the plugin detect the user’s actual IP?

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @leac,

    If user can not accessing the site home page and being redirected to 127.0.0.1 means their IP Permanently blocked.

    There is an issue also identified and solved due to 404 lockout the login lockout “Unlock request button” do not show and being redirected 127.0.0.1 which seems solved and going to release in next version.

    Can you please upload the zip as Add a new plugin and replace it with the existing AIOS plugin?

    https://gofile.io/d/gY0eZg

    Due to 404 lockout the front end home page might be also being redirected 127.0.0.1

    WP security > Settings > Advanced settings, you have to change value in that dropdown to match your correct IP address. Please see screenshot below.

    https://snipboard.io/F572rI.jpg

    Regards

    Thread Starter Lea

    (@leac)

    Thank you for the new version, but installing it creates a “504 “504 Gateway Time-out” error, as I described in another issue, so unfortunately I can’t check the fix ??

    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @leac,

    Ok, We will try replicate the issue and get back to you

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘2 questions about the behavior bc Enable login lockdown feature’ is closed to new replies.