How to Permanently Whitelist my IP?

Hi @ellejg, we’re glad you’ve reached out! I understand your frustration with this ongoing login issue, especially when it happens repeatedly. I’m here to help you work through a solution, so you won’t have to go through this every time you log in. Could you let me know if you’re using the latest version of the plugin? If not, please update to the latest version to see if the issue continues.

Also, I noticed you mentioned you’ve whitelisted your static IP, but it’s not ideal for it to be just for 24 hours, so I’d assume you’ve enabled the “Automatically Temporarily Authorize Hosts” setting in Global Settings, correct? If so, can you also let me know if you added your static IP to the “AUTHORIZED IPS” box below that setting? If not yet, please add your IP there and that should prevent your IP from getting locked out/banned.

If that doesn’t help, could you let me know if you’re getting blocked the first time you log in after a while? Before getting permanently banned, the plugin should first?lockout?your IP, and you should see the “You have been locked out” screen. Then, once you reach the Ban Threshold, that’s the time the plugin will add your IP to the Ban List.

When regaining access to your site, can you also ensure that your IP is removed from the Ban List after accessing your site? To do that, please check the Banned IPs card?in the Security Dashboard and the?.htaccess file. Then, I’d suggest looking at the Security Logs and checking for the raw details of the ban to get additional information. You can send it here, too, so we can check.

Hope this helps, and I look forward to hearing from you!

Thanks for the reply.

Yes, the plugin is and always has been up to date.

Yes, I do have my IP address in the Authorized field. It’s always been there, and at one point in the last year or so I added my IPv6 address as well, hoping that would help. It did not.

I just checked my emails, and I don’t have a lockout email for my IP–at least not as far back as April, which is the last time I deleted them. And I’ve logged into my site since then, most recently yesterday. When I try to access my admin I get a 404 error not a banned message. Maybe that provides a clue.

A few years–yes, I’ve been putting up with this for that long!!–ago I spoke to my host about this, and at that time I seem to remember adding/deleting something from my .htaccess, but I could be wrong.

I’ve checked my Banned IPs list and my .htaccess, and my IP isn’t listed in either.

I do have other sites on the same host and it’s only with this one that I have the issue. All sites are using your plugin. And with that exception of the LiteSpeed Cache plugin, I only have a few very basic plugins, none that should conflict with a security plugin.

Any other ideas or direction would be much appreciated!

Hi @ellejg, thanks for confirming!

Getting a 404 when accessing the admin page while Solid Security is active usually happens if you have the Hide Backend feature enabled. Please confirm if this is the case on your site by going to Security > Settings > Advanced > Hide Backend and turning this off (uncheck it). After saving the settings, try to log in again.

If not, other modules that could potentially cause this are the Default Ban List and PHP Execution (Litespeed seems to conflict with the Disable PHP in Plugins setting), so please try adjusting these:

• Disable the Default Ban List feature in Security > Settings > Features > Firewall > Ban Users
• Disable the PHP Execution options in Security > Settings > Advanced > System Tweaks – Try the Disable PHP in Plugins setting first.

Another troubleshooting step we recommend is to turn off the currently active plugin features individually to check whether a module is causing the issue.

Please let me know if the above helps!

Thanks! I did have Hide Backend checked, so I’ve unchecked that. Now I’ll have to wait the 24 hours to see if that was the issue. If not, I’ll work through your other suggestions.

Thank you @ellejg! Please let me know how it goes.

It worked! Thank you!

Seriously, this has been driving me crazy for years. I’ve Googled and Googled, I’ve talked to my host. Clearly, I should have reached out to the source.

It’s always the simple things. That one extra or missed semi-colon or that one box that was checked when it shouldn’t be. ??

Hi @ellejg, I’m thrilled to hear that it worked! I agree; sometimes, it’s in the little things. Please don’t hesitate to reach out if you have any more questions about the plugin.

If you enjoy Solid Security and appreciate our free support, we’d love to get a kind review from you here.