Brute Force Protection not staying enabled

  • Hello.

    After I enable “Brute Force Protection” and come back to the settings panel at a later time, it is disabled again. I noticed this because after enabling this protection, I saw multiple failed login attempts still happening and not being blocked. I am using version 4.0.42 with WP version 5.7.2.

    What am I doing wrong?

Viewing 8 replies - 1 through 8 (of 8 total)
  • twofactorauthentication

    (@twofactorauthentication)

    Hi there,

    Thank you for reaching out to us.

    I would like to inform you that we have tested that brute force protection feature in the plugin and it is working fine.

    Could you please confirm if there is an error message when you click on the Save Settings button?

    If you would like, we can get an online meeting to look into this issue.

    Please raise a ticket from the plugin support form or from our website [here] so that we can have a quick meeting.

    Thank you,
    miniOrange Team

    Thread Starter wbenterprises

    (@wbenterprises)

    No, there is no error message. It states, “Brute force is enabled and configuration has been saved.” However, when I go back to look at a later time, it’s unchecked again.

    Where is the database location for the setting? I can check to see if the settings is actually saved or not.

    twofactorauthentication

    (@twofactorauthentication)

    Hi there,

    Thank you for your reply.

    You can check the option mo_wpns_enable_brute_force in database. It should be set to “on“.

    Also, you can check the option mo_wpns_allwed_login_attempts for no. of login attempts.

    Let me know if you are able to find out the required things.

    Otherwise, you can get on a call with one of our technical team members. You can mail us here for the same.

    Thank you,
    miniOrange Team

    twofactorauthentication

    (@twofactorauthentication)

    Hi there,

    I hope you might have checked the above values in the database and changed them to mentioned values.

    I am closing this ticket for now. If you are facing any more issues then you can reach out to us here.
    Otherwise, you can reopen this ticket.

    Thank you,
    miniOrange Team

    Thread Starter wbenterprises

    (@wbenterprises)

    I have been watching this issue closely. It seems the option for brute force protection is turning itself off after someone attempts an attack. I have logs which show multiple attempts at logging in with an invalid username/password. I shouldn’t see more than 10 because this option was on. However, I see over 130 attempts to login, then I go check the option and it’s turned off. Why is this happening? This plugin does not block the IP but instead disables itself.

    Hi there,

    We have checked the feature Brute Force Protection and it is working properly on our end.

    This looks like a site-specific issue. We can replicate that issue in a screen share meeting so that we can resolve it over a call.

    Please reach out here in that case.

    Thank you,
    miniOrange team

    Hi there,

    We haven’t heard back from you.

    If the issue still persists, we can replicate that issue in a screen share meeting so that we can resolve it over a call.

    I am closing this ticket for now. If you are facing any more issues then you can reach out to us here.

    Otherwise, you can reopen this ticket.

    Thank you,
    miniOrange team

    Thread Starter wbenterprises

    (@wbenterprises)

    I believe this is happening after each manual update to other plugins. Whenever I update some plugins, this option appears to get turned off. It’s not the plugin itself, it’s other plugins like WP Mail or UpdraftPlus, etc. Why is it?

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Brute Force Protection not staying enabled’ is closed to new replies.