The administrator has blocked your IP from accessing this website.

Hi @bbagr

I hope you’re well today and thank you for your question!

Defender doesn’t have any “rate limiting” lockouts features except for “404” and login attempts – but those wouldn’t issue 429 errors. It seems that Defender blocking you is a secondary issue and a result rather than a cause.

The 429 status does mean “too many requests” but it would usually be issued by server itself or “something” (firewall or other security tool) on a server level or a CDN (such as CloudFlare or similar).

A big number of such responses can also mean that there are 404 requests happening and that could possibly result in 404 lockouts followed by the IP ban (which would give the “The administrator blocked your IP from accessing this website”) but that ban would give “403 Forbidden” status instead of 429.

—-

However, this all may actually be a bit of a “false alert”. I checked the site and noticed that the lockout page itself is cached by Fastest Cache and one of the common reason for the issue is not that you are really blocked but that somebody (e.g. some bot) got blocked and at that moment the lockout page got cached and is served for all other requests.

So the first thing to check would be to temporarily disable WP Fastest Cache and check if the issue still happens. If not, we could look into it to see if there can be some exceptions configured.

If it doesn’t change anything, then further investigation would be needed and I’d suggest following steps:

1. follow this guide (the “code” solution there) to unlock yourself first

https://wpmudev.com/docs/wpmu-dev-plugins/defender/#accidentally-locked-yourself-out

2. then access the site and enable Defender – you should stay logged-in

3. go to “Defender -> Firewall -> Settings” page and

– check if an IP in “Detected IP(s)and “IP Settings” there are a) both the same and b) are matching your current IP

– if they are not, then test different settings of the “Detect IP Address” option to see which one gives correct result.

This is quite often an issue due to CDN/proxy used for site and/or server misconfigurations and can cause unexpected lockouts so it’s important to make sure about it.

4. go to “Defender -> Firewall -> IP Banning” and you if there are active lockouts you should see it mentioned in “Active Lockouts” section; then you would be able to go to “Defender -> Firewall -> Logs” page and search for your IP there and that should give a main reason on why your IP is being blocked.

Knowing about that reason, we could suggest more steps to get it permanently solved.

Best regards,
Adam

Hi Adam,
Unfortunately, I cannot agree with your conclusion as so far Defender seems to be the only cause for my page being blocked as well as for the 429 error. At least, after disabling Defender (and no other plugin), the site starts functioning flawlessly – although not immediately as I am seeing the 429 error for some of my pictures for 1-2 days. I have still tried disabling WP Fastest Cache together with Defender and could see no difference – I keep seeing “The administrator has blocked your IP from accessing this website.” with WP Fastest Cache on and off.
I have also joined The Hub and added my site as well as my regular IP to the allowlist, but I am still seeing the same error mentioned above.
Any other suggestions apart from keeping Defender disabled?
Thank you,
Michal

Here’s also the info from the logs:
– Lockout occurred: Too many 404 requests for /wp-content/plugins/wptouch/themes/bauhaus/default/images/socials/Mail.png
– Request for file /wp-content/plugins/wptouch/themes/bauhaus/default/images/socials/Mail.png which doesn’t exist
Unfortunately, I am unable to remove my IP address from the blocklist.

Hi @bbagr,

Could you please confirm if you have followed the steps mentioned in the guide we provided to unlock yourself?

https://wpmudev.com/docs/wpmu-dev-plugins/defender/#accidentally-locked-yourself-out

Could you please also try a complete conflict test to see if another plugin or theme is causing the error 429? I hope the following flowchart comes in handy: https://wpmudev.com/wp-content/uploads/2015/09/Support-Process-Support-Process.gif

Since this is a live website with traffic, please create a staging website and perform the test without disturbing the live traffic. A staging website is a copy of your live website in a new directory on the same server using a separate database.

We look forward to hearing back from you and help you resolve the issue as soon as possible.

Kind Regards,
Nebu John

Hello @bbagr,

Since we haven’t heard from you for a while now, I’m going to mark this thread as resolved.

Please feel free to re-open it, in case you still need our help resolving the issue.

Best Regards,
Dmytro