Plugin Blocks All Users on First Login Attempt

  • Resolved grantsp

    (@grantsp)


    2 years, 5 months ago

    I’m having an issue where the plugin is blocking all users on the first login attempt despite the correct credentials being used. Additionally, the error message displays a lockout time that does not align with the lockout time specified in the app settings (14 hours in the error message vs. 24 hours in the app settings).

    This has been confirmed by multiple users from multiple IP addresses and for all users it is their first time logging in since the plugin was installed.

    After manually disabling the plugin by renaming the plugin folder, the same users are now able to log in successfully using the same credentials. There are no other security or log in related plugins installed on the website.

    Any help would be appreciated!

Viewing 4 replies - 1 through 4 (of 4 total)

  • This plugin is a dud, and probably a scam.

    Let’s hope it doesn’t contain malicious code.

    I noticed from the beginning very odd log file entries, and it was blocking when it shouldn’t be blocking, and simply didn’t work as advertised. At first you think it’s working, but it’s a fraud.

    grant, I’ve run into this issue with some of my sites. There could be several things happening.

    – Do you have other security plugins installed? If so, deactivate and try again.
    – Do you have multiple websites with LLAR installed? Have you tried your other sites to see if everything works properly?
    – Have you spoke to your web host about the problem? Sometimes these issues are server side.

    Jaywalker, you are entitled to your own opinion, but 2M active users including GoDaddy adding it to all of their sites might say otherwise. I’ve had issues, but they were resolved by troubleshooting.

    Plugin Author WPChef

    (@wpchefgadget)

    We believe this issue is due to a misconfiguration of the web server. We have seen quite a few of these in the past and that was the reason. The REMOTE_ADDR needs to receive the correct IP address. It’s fairly easy to fix but the web hosting provider has to do it!

    The GoDaddy install of Limit Login Attempts Reloaded is still improperly configured. It isn’t a plugin conflict either. Getting someone that can correct this has been impossible. So for the tens of thousands using certain GoDaddy accounts, this plugin is not working very well unless you are a legitimate user who wants to login to your site. In those situations, this plugin is awesome. No one gets to log in, not even site owners an admin.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Plugin Blocks All Users on First Login Attempt’ is closed to new replies.