Can't login despite 'Check credentials on all login attempts' unchecked

If you run a firewall of a reverse proxy, you can be blocked.

You can delete the plugin to get back in.

You can go to https://www.blogseye.com/checkspam/ and check to see why you were blocked.

Keith

I don’t run a secure site if that’s what you’re referring to.

I just got two other people telling me they can’t login, and that’s just people who were willing to tell me.

I’ve had to deactivate the plugin altogether until this is all resolved, if it can be resolved.

I had to remove the plugin because too many people couldn’t login, and now I’m getting WAY more spam registrations than I used to. This is a nightmare.

Please make sure that you have the latest version from my website. I have been making changes, but have not had time to update the wordpress repository.

https://www.blogseye.com/beta-test-plugins/

There are several bug fixes, especially for those who are behind firewalls or proxy servers.

Keith

Yes, we have the latest version – 4.2. Had it for a while.

Another message just now from one of our team members for another site:

“Just FYI, we’re getting crushed with spam the past few days.”

What I still don’t quite understand for myself is why people who are already registered can’t login, when all we want this for is new registrations.

I’m not the web developer, but what should I tell my web developer? I’ll have him read this thread. Again, we don’t have a secure https site, but not sure if that’s what you’re referring to or if that makes a difference.

There is an option that checks for existing logins before the plugin checks the IP. This will allow registered users to login in spite of the fact that the system thinks they are spammers.

Set the option and then clear the cache to make sure that nobody is in the bad cache. See if this helps.

Make sure that you have the latest version from my website.

Keith

Please read my original post, is that what you’re referring to?

If it is what you’re referring to, we have a few thousand members, we can’t expect them to all being emptying their cache. Most of them don’t even know what that means.

I mean the plugin’s cache. It has a list of failed IP addresses. You can clear that and the users will be able to login.

Keith

I did that, and I’m awaiting whether people will have login problems, but the spam registrations continue to get worse. This is just from one of our sites:

[ Spam registration email addresses redacted. Please do not share those here. ]

Nope, I did what you mentioned, and our users still can’t login without getting an “Access Denied – This site is protected by the Stop Spammer Registrations Plugin” message.

Naturally, I had to deactivate the plugin once again. This is sad, as it basically means I’ve run out of ways to keep using the plugin ??

I just don’t understand why a plugin that is supposed to monitor only registrations is denying people from logging in. I just don’t get it.

Tux,

I’m sorry, but the plugin stops anyone who is a spammer from logging in, registering or leaving a comment. There must be a reason why the plugin considers you a spammer. It is not a bug, because tens of thousands of people use the plugin every day without a problem.

If you are not a spammer, it must be in your server configuration or your browser config. The plugin stops logon attempts from people who use a proxy server or who have done things like turned off headers or otherwise tried to make themselves anonymous.

Keith

It’s not me this time, it’s other users, and considering we are using this on multiple sites, some with 2500 members, others with 700, the fact that a handful of the people we know and trust that use the site regularly are telling us they can’t login tells us this is something that is probably affecting a lot of others. Obviously we can’t be helping each user one by one, much less even identify them. Unfortunately, many of them are going to try and login, get denied, and give up forever.

So, the bottom line is that the Stop Spammer Registration can’t only be used for registration? That is HAS to be also monitoring all logins and comments as well? Here’s a feature request to only have it be used for what the plugin is called, ‘Stop Spammer Registration’, because unfortunately, sadly, we can’t use it as is. Perhaps we just have too many members to make this plugin feasible.