Hi Joseph,
Sorry to hear that.
Since their IP is whitelisted, they shouldn’t be blocked by Shield at all. For whitelisted IP addresses, it’s as if the entire plugin is turned off, meaning there are no restrictions for users associated with that IP whatsoever.
Make sure their IP address is accurate and not changing—confirm they are not attempting to log in from a different IP address.
The only Shield feature that displays a “404 Not Found” message is the “Hide WP Login & Admin Page” feature:
https://help.getshieldsecurity.com/category/284-hide-wp-login-page
For example, if your client’s IP is whitelisted and they try to load the renamed login URL, they’ll get a 404 error. However, this feature will not trigger Shield’s blocking offenses—they won’t be blocked. You can disable this feature if needed.
However, to find out why exactly the blocking is happening, best thing to do is checking the WP Activity Log and use the IP Address filter box at the top of the table to filter by the blocked IP address. You can log into the site and ask your client to reproduce the block so you can immediately check the Activity Log. If in any way their IP address is changing, ask them to visit this page and provide to you IP address printed there:
https://getshieldsecurity.com/my-ip/
The log will show all activities for that IP and the reason it was blocked. Based on this information, you can adjust Shield settings to prevent future blocks. If you’re unsure how to interpret any log entries, you may use this Glossary here.
You may also want to temporarily disable page caching (either plugin or system) and suggest your client clear their browser cache and cookies before retrying.
Hope this helps.
