Denied for too many attempts

  • When trying to comment on my blog post, my readers – and myself! – can’t leave a comment (One person was able to leave a comment, but after that no-one has been able to). Instead we get taken to a grey page with the words:

    Denied for too many attempts
    Please try visiting at a later time.

    I have searched everywhere for a solution, but I can’t find one. The best I could find was at https://www.limitloginattempts.com/services/technical-questions/

    On this site it said:

    If you are using contemporary hosting, it’s likely your site uses a proxy domain service like CloudFlare, Sucuri, Nginx, etc. They replace your user’s IP address with their own. If the server where your site runs is not configured properly (this happens a lot) all users will get the same IP address. This also applies to bots and hackers. Therefore, locking one user will lead to locking everybody else out. In the free version of the plugin this can be adjusted using the Trusted IP Origin setting. In the premium version, the cloud service intelligently recognizes the non-standard IP origins and handles them correctly, even if your hosting provider does not.

    I have no idea what to adjust at the Trusted IP Origin setting, or if this will fix my problem.

    Very grateful for any help!! Thanks ??

    The page I need help with: [log in to see the link]

Viewing 11 replies - 1 through 11 (of 11 total)

  • I have no idea what to adjust at the Trusted IP Origin setting, or if this will fix my problem.

    That post relates to the Limit Login Attempts Reloaded plugin. Are you using this plugin?

    Note that the WordPress software itself doesn’t have any such protection, and, consequently, will not block you this way. This will likely be coming from either a plugin you have installed (like the above-mentioned Limit Login Attempts Reloaded plugin), or some server protection being enforced by your host.

    I wanted to test your site to see if I could find any clues, but I couldn’t find a single post with comments open, so I couldn’t test.

    Thread Starter ajblythe

    (@ajblythe)

    Hi George,

    I have not installed the Limit Login Attempts Reloaded plugin – it has just appeared on my GoDaddy WordPress site. If I have a look at the plugins list it isn’t included.

    You should be able to find an open post on the “Blog” page. I just checked and my “Happy New Year 2023” post still has open comments.

    Thanks.

    You should be able to find an open post on the “Blog” page. I just checked and my “Happy New Year 2023” post still has open comments.

    Unfortunately, I don’t see this. The most recent post I see is “Time?”, published on 24th October, with commenting closed.

    Thread Starter ajblythe

    (@ajblythe)

    Here’s the direct link: https://ajblythe.com/happy-new-year-2023/

    I hope that works!

    A site I’m admin-ing is having the exact same issue and the site is on a Managed WordPress via GoDaddy as well. Sounds like they forced a plugin on the site that isn’t working as expected as they too mentioned some Limit Login plugin and they updated it behind the scenes and said it would fix the issue. So far their update to that plugin hasn’t worked at all. I’m going to get back with their support team and see what can be done about that plugin that is doing more harm than good from what I can tell.

    • This reply was modified 2 years, 2 months ago by briancrider.

    I worked with GoDaddy just now and they think the issue is with the theme we’re using not being compatible enough with the latest WordPress version recently released. They updated to “Twenty Twenty-Three” and commenting worked fine again for their tests before they switched it back.

    I took over the site admin role about 6 months ago and the theme being used is “Twenty Eleven” thus 12 years old. I’d be interested in knowing what themes you’re using / how old your themes are, especially if they are the “year name” ones WordPress provides each year.

    NOTE: the Limit Login Attempts Reloaded also showed up suddenly in my admin console menu as well.

    Thanks!

    • This reply was modified 2 years, 2 months ago by briancrider.
    • This reply was modified 2 years, 2 months ago by briancrider.
    Thread Starter ajblythe

    (@ajblythe)

    Hi Brian,

    I’ve been working with
    GoDaddy and we finally have a solution. In answer to your question, I’m using Senses Lite theme (which is a number of years old – I started using it in 2017). However, we managed to fix my problem and it had nothing to do with either the Limit Login Attempts or my theme. It was to do with my permalinks (no idea what the issues was, but the steps the tech gave me worked).

    The steps I had to follow were to:
    – on my dashboard, go to settings
    – permalinks (note the setting you are currently using)
    – select “plain”
    – save
    – select the setting you were previously using
    – save
    – go to the “managed wordpress” link with the cog in the top ribbon
    – flush cache

    It didn’t work immediately, but the next day it was fine (I assume it was something to do with restarting my computer overnight). Hope that helps!

    In the past couple of weeks, I’ve seen this problem reported several times here at www.remarpro.com and on other forums. The common denominator in all cases? GoDaddy hosting!

    Something in GoDaddy’s infrastructure, perhaps mod_sec security rules or some other security policy, must be messing up the WordPress commenting system.

    I think I figured out the issue on our site. GoDaddy has a Sucuri firewall that had some extra settings turned on. I can only guess GoDaddy made changes around the time of the release of WordPress 6.1.1 since that’s around when our issues started and only got worse and worse as time went on.

    Since our issue was users not able to leave comments consistently on blog posts, I found one setting deep in the bowels of GoDaddy advanced settings called “XMLRPC, Comments and Trackbacks blocked”. Once I turned that off, flushed the cache, etc., the problem went away. It’s only been around 15 hours but so far so good. This is the path to take to get there, along with many other settings that might be causing issues:

    Website Security and Backups | tap Manage All | Under Firewall tap Details | Settings | Security

    View the many check boxes under Advanced Security Options and hope for the best. There are other settings around Performance, SSL, etc. that may help your situations as well.

    Good luck!

    • This reply was modified 2 years, 2 months ago by briancrider.

    Nevermind… that seemed to fix things, but it only lasted about 36 hours before the issue arose again… back to GoDaddy support or time to find a new host…

    @ajblythe Thanks for those steps. I just did them and will hope for the best. I’ve also opened a ticket with Sucuri since that’s the firewall GoDaddy uses and might be them blocking IP addresses randomly.

    My home’s IP address is getting the “Denied for too many attempts” error at the moment, but if I use my phone and turn off WiFi to get a new IP address from a cell tower, I’m able to leave comments again.

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Denied for too many attempts’ is closed to new replies.