Valid users getting locked on login

  • We’re having an issue on our site where when a valid user attempts to login, they are being locked out due to “probing for vulnerable code”. 5 different users have been affected by this so far, all being hit for probing code of the same non-existent plugin. Whitelisting IPs lets them get in, but any help you can provide on these false-positives would be appreciated.

    • This topic was modified 3 years, 11 months ago by drumcreative.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author gioni

    (@gioni)

    When that happens, check the Activity log to see what URL WP Cerber barking at. It’s possible that one of your plugins was not completely deleted and still produces some wrong output on the login page. Probably a flawed plugin adds some strange code to the login page. It’s also possible that you have configured an incorrect redirection rule.

    Thread Starter drumcreative

    (@drumcreative)

    The activity log is showing every user “probing for vulnerable code” in the same non-existent plugin file for a plugin we have never used. I’ve scanned our entire theme and there is no mention of this plugin anywhere.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Valid users getting locked on login’ is closed to new replies.