Locked Out Again

Hi,

Are you being locked out because the the rename login functionality isn’t working
Is it because you can no longer go to the wp-admin?
When you are no longer able to login via the rename login page URL, does the default wp-admin login page work?
WP updates shouldn’t be causing this.

I can’t get to the admin anymore. The login page has been renamed for a while, but every now and then, it stops working, usually because the plug in needs an update. This time, I don’t see an update. If it helps, I’m on WP 5.9 and 4.4.10 for the plugin.

I disabled the plugin on the back end and now I can get back in, but obviously, no security protection. I suppose it could be a plugin conflict, but that’s still a problem (obviously).

Thanks

Have you got Cookie Based Brute Login Prevention activated?

If you already have the Rename Login Page feature enabled and you try and enable Cookie Based Brute Force Login Prevention, the plugin will automatically deactivate the Rename login page functionality as only one of these features can be active at any one time. For your login, You should use the URL: https://www.miniaturenewbies.com/?secret-password=1 (replacing the secret-password with the Cookie Based Brute Force Prevention Secret Password)

I do not have Cookie Based Brute Login Prevention activated, unless it automatically activated during the last plugin update.

Can you list which features you do have enabled?

Sure!

Generator Meta Info
Change Admin Username
Login Lockdown
Basic Firewall
XMLRPC & Pingback Protection
Hotlink Protection
Rename Login page
Login form captcha
Add captcha to comments
Block Spambot comments

@mininewbie If you enabled the login lockdown, you are using the default lockdown settings, and you try three times with the wrong login credential within 5 minutes. Then, you will be lockdown for an hour.
The default setting of login lockdown is indicated in the screenshot https://nimb.ws/Y5Z4kJ.

Please wait for an hour and then try with the correct login credential. While typing login credential, Please be careful about case sensitivity, and caps lock key,

Sure, but that’s not what I’m talking about. I can’t access the admin panel on the renamed login screen. That’s the lockout problem I have.

Hi @mininewbie, There are two options to get out of this lockdown:

1. Wait for an hour
2. If you have an FTP or File manager access of your site, Please go to root/wp-content > plugins and rename the folder all-in-one-wp-security-and-firewall with any other name like _all-in-one-wp-security-and-firewall

Then try to log in.

Let me know how it goes at your end.

Thanks!

Thanks.

I already renamed the file once to unlock things and get back in. That worked. The problem is once I reactivate the plugin, I’m locked out of admin again and then my site isn’t protected. That defeats the purpose of having the plugin in the first place.

This isn’t the first time this is happened. Like I said upthread, sometimes I get locked out of the admin because I’m using the rename function. When that happens, I update the plugin and things are fine. This time, there is no plugin update and I can’t figure out why I keep getting locked out.

I am having a similar problem, but for a different reason. How can I delete the plugins settings & have it as if it were a completely fresh installation?

I found what I need. This is how you delete all the AIOWPS settings so you can start over:

Q4 The captcha answer is always incorrect. So when you deactivate the plugin by renaming the folder and then logging into the WP admin panel, you get logged out of the WP admin panel immediately after re-activating the AIOWPS plugin again?

Solution One: PLEASE follow the instructions below carefully.

login to your DB using PHPMyAdmin
Go to the wp_options table
Look for the entry which has option_name equal to “aio_wp_security_configs”
Copy the option_value and paste it in a text document in case you need to restore this if something goes wrong.
Then inside the option_value search for the following string: s:27:”aiowps_enable_login_captcha”;s:1:”1″
Change the above to look like this: s:27:”aiowps_enable_login_captcha”;s:0:””, Note: s:1 was changed to s:0 and “1” was changed to “”.
Save your table row.
The above will deactivate the login captcha. If you run into issues simply paste the string you saved before you made any changes and save the DB row and then you will at least restore the aiowps settings back to the original state

Note: If you enable the other captcha options and run into similar issues, you can use the above steps for troubleshooting.

@mininewbie cc: @vupdraft To resolve the issue, please follow below steps:

1. Open Database Manager and then Open PHPMyAdmin
2. Select the database that is used by your site.
3. Select table {database_prefix}aiowps_login_lockdown, Find record that hold your IP address and delete that record or Run the below query and delete all records of this table:

TRUNCATE TABLE {database_prefix}aiowps_login_lockdown

Please replace {database_prefix} in the above table name with your actual WordPress site’s database table prefix. By default, it is wp_.

Let me know what happens at your end.

———————-

@newsunseo You are mentioning the solution to the captcha problem and @mininewbie is facing a login lockdown error that is as below:

ERROR: Access from your IP address has been blocked for security reasons. Please contact the administrator.

I heartily appreciate you @newsunseo for helping other people. Thanks a lot!

• This reply was modified 2 years, 9 months ago by Prashant Baldha.
• This reply was modified 2 years, 9 months ago by Prashant Baldha.
• This reply was modified 2 years, 9 months ago by Prashant Baldha.
• This reply was modified 2 years, 9 months ago by Prashant Baldha.

I’m a little confused by your instructions.

Are you saying delete just my IP address or are you saying to delete all the IP addresses in the table?

FWIW there have been no failed logged in attempts for over a year because I hid the login page information. My IP address is nowhere in the table.

Thanks!

@pmbaldha Yes, I thought it might help them find their solution possibly. Reading this thread helped me modify my search & then I found the solution. I actually just deleted that whole aio_wp_security_configs in the wp_options table, then imported the settings again, but without the reCAPTCHA from the other site, that was what locked me out. Goodluck @mininewbie !