Your IP has been flagged for potential security violations.

I am also having people report getting this error. I found other support forum items from a year or so ago where the author noted this issue, but it sounded then like it had been resolved. Thoughts on why this would be happening now?

The only reason I could see someone still being blocked after having their IP whitelisted would be from caching. Have you checked to make sure that caches are cleared?

Yes, I did check that — and there were no ip addresses listed.

Yes, I did make sure that the history was deleted, I had him try on different browsers, still getting the same error.

I have the same problem, I whitelist the user but he still get the error
I have clean up also wp super cache from all its file as you say but nothing….his ip is still block
Any other solution? @gnw, @relish1227 the problem is solved?

I have the following problem
Your IP (????????) you has-been flagged for potential security Violations. Please try again in a little while …
So already been a week, and delete cookies, history, everything and still appears

Just wanted to double check with some of the folks who mentioned history. History and cache are not the same and I believe a caching plugin would be caching at the server level, not necessarily the browser level. You could also try whitelisting from a smartphone or different location, as long as you know your home IP address.

Hope this helps!

I am still having this problem and with another client now. I have whitelisted their IP’s. I do not have a caching plugin installed on either site. Is there something else I can try?

I have this problem too.
Whitelist not work.
IP: 193.227.116.171

I’m sorry to hear that you are getting locked out of your site. We are still investigating this issue.

The good news is we have a newly updated version of our brute force protection in the Jetpack plugin. We highly recommend installing Jetpack.

If possible, try logging into your site from an other location, ie home, office, coffee shop, and uninstalling BruteProtect.

If you can’t access your site at all via the WordPress dashboard, please use FTP to remove the bruteprotect folder from your plugin directory, or ask your hosting provider for help.

Thanks

Please help! I have the same problem ??

dcaceres, can you try what Rocco has suggested above? FTP and delete BruteProtect and switch to Jetpack would be best place to start. Thanks!

The obvious question for me is, what about my blog’s regular users? Are they going to get locked out mysteriously? I got locked out and I’m the site administrator. Doing what I do everyday. I do not know why I got locked out.

Unless this algorithm of locking people out is explained much better, I don’t see any other option but to delete/deactivate the plugin. Is this what the author really intended? I like security, but it needs to be understandable. Maybe I need to do some deeper reading of the fine print.

Problem with switching to Jetpack’s Protect module is that it does not protect XML-RPC yet… Anyone know when that will be implemented?

OKay. I cannot solve this issue, but I may be able to lend a hand. Not in solving, but in preventing this issue from happening.

*Problem description*
I have had this issue a few times. The last time I had to disable the BruteProtect plugin (FTP, rename BruteProtect folder).

*Occurance*

I tend to edit the website as admin through multiple windows, i.e. I edit multiple ‘files’ in WordPress at once. At some point, I close the lid of my laptop, and eventually login expires (I use the Clef plugin).

After reopening, I login to the first screen through Clef.

I then login to the other screens. WordPress seems to have difficulty here. I no longer need to login through Clef (already done so), and should be able to login by pressing ‘login’ at Clef screen. However, WordPress does seem to expect some kind of password-like thing.

After pressing ‘login’ at the Clef screen a few times, BruteProtect starts blocking me. Login is no longer possible at any time (I waited about three days, then removed the plugin).

*Hope this helps*