Host Lockout

Hey Kelli,

What error does the IP get when trying to access the site?

Have you checked to see if it’s in the Banned Users field on the Settings page?

Thanks,

Gerroald

Hi Gerroald!

Thanks for responding! Below is the error received by the host:

Forbidden

You don’t have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

There is no list of IPs in that section, only the option of “default blacklist” which was checked or “ban users”. Would checking or unchecking one of these options allow me to “release” the host that’s locked out? As I’ve said, although I’ve added it to the whitelist, it will not let me remove it from the release list or in the database.

Thanks so much!

Update:

I’ve unchecked “default blacklist” and checked “ban users” box and the list popped up. I did find the IP and deleted it, was still in the “release lockout” list but would not let me delete; same goes for the IP in the database.

Let me know your thoughts. Thanks!

Hey Kelli,

When you say it will not let you remove/delete the IP from the Banned Users field or database, are you getting an error when trying to delete it? Or does it just reappear?

From your Security Logs, do you see why the IP was banned?

Thanks!

Gerroald

Hey there,

So when I check the log, and click details, a blank white screen comes up. I do see the IP listed several times but unable to see the reasons or details behind it.

404 Error 3 2016-03-03 17:41:04 207.241.237.152 /beforeactivate._change https://modelalliance.org/wp-includes/js/jquery/jquery.js Details
404 Error 3 2016-03-03 17:41:00 207.241.237.152 /click._change https://modelalliance.org/wp-includes/js/jquery/jquery.js Details
404 Error 3 2016-03-03 17:40:57 207.241.237.152 /propertychange._change https://modelalliance.org/wp-includes/js/jquery/jquery.js Details

It will not let me delete the IP from “Active Host Lockouts” found on the dashboard screen of the plugin…

Locked out hosts
183.98.103.2 – Expires in 19 years
212.87.164.56 – Expires in 19 years
212.87.164.56 – Expires in 19 years
115.144.122.62 – Expires in 19 years
207.241.237.152 – Expires in 19 years

I’ve checked the box and clicked release, it says it released it but does not do so. I’ve said it before, I’ve found the IP in the database itsec_lockouts but there is no way to remove it.

Is there anyway to remove this?! They have another crawl set up coming and I would love it if they weren’t blocked!!

Thank you for your help!!

@maikai1110

Expires in 19 years !! The default is 15 minutes !

How is that possible ?
Please make sure you have the right Time Zone set in WordPress.

Anyway it seems the host lockouts are caused by too many 404s.
Disable 404 Detection to prevent the host lockouts.

To reset the iTSec plugin add the following line to the wp-config.php file:

define(‘ITSEC_DEVELOPMENT’, true);

Add this line right after: define(‘WP_DEBUG’, false);

Then deactivate the iTSec plugin and reactivate it.
This will delete and then recreate the 3 iTSec plugin tables in the database.

IMPORTANT: REMOVE the ITSEC_DEVELOPMENT line from wp-config.php afterwards !!

dwinden

Awesome!!!

Thanks so much dwinden!!! I’ll try this tonight. Much appreciated!!

Hello again,

Unfortunately, this did not fix the problem or reset the plugin. I know that deleting the plugin won’t remove the information from the database, is it possible to uninstall and drop those tables? I really need this IP removed, asap. Are there any other ideas or ways to remove this IP?

Thanks again for your help!

@maikai1110

The reset should work.
Don’t use the info from the email that you received.

Use the info from my post in this topic on the forum.
My initial post contained an error which I corrected.
Unfortunately corrections to a post don’t get emailed again.

dwinden

Hi again…Thank you so much for trying to help….I’ve entered this exactly as you said…

I did exactly as you said…here is the code entered..

define('WP_DEBUG', false);
define('ITSEC_DEVELOPMENT', true);
//define( 'WP_CACHE', true );
require_once( dirname( __FILE__ ) . '/gd-config.php' );
define( 'FS_METHOD', 'direct');

deactivated and reactivated and the lockouts are still there! Is there any other way or can I get your help directly? Getting a bit worried…

Got it!!

I had to delete and reinstall the plugin and the did it. ??

Thank you so much for your help!!

Kelli

@kelli

Weird, the reset should work.
Tested it to be sure and yep reset definately still works.

Well anyway, thought to spare you deleting and reinstalling the plugin.
Kept that as a last resort. But you figured that out on your own.

Well done ??

Please take a moment to mark this topic as ‘resolved’.

dwinden