ipadmin789654

I changed the custom login to something else like “securelogin”, logged out then tried to get to the login page with /securelogin, but it gave me a 404. then I tried the prior /securenewlogin that was originally there and it worked it let me get to the login page…wierd… prior I was using another module that hid the backend, but I un-installed it?

I found something interesting. when i uncommented the ITSEC_DISABLE_MODULES and typed in the custom hide backend URL it took me to the login page even though I disabled the “Hide Backend” option..

Thanks, I ran the script on the server and it came back “Valid IPv4”. I disabled the Hide Backend, logged out, commented out the ITSEC_DISABLE_MODULES and tried to go to the default WordPress login /wp-login.php and I am still getting the 404 error. Thanks for your help. I am a little concerned since I already updated the database prefix in the database via the “Change Database Table Prefix” in iThemes it may cause more issues so I am concerned about disabling this?

great, thanks here is the debug from the site that shows the “invalid” IP error. but the main issue is that I have to disable the ithemes security to login. I added my IP address range to the white list, but when I go to the login page I still get redirected to the 404 page

{
“lockout_message”: “error”,
“user_lockout_message”: “You have been locked out due to too many invalid login attempts.”,
“community_lockout_message”: “Your IP address has been flagged as a threat by the iThemes Security network.”,
“blacklist”: true,
“blacklist_count”: 3,
“blacklist_period”: 7,
“lockout_period”: 15,
“lockout_white_list”: [

],
“log_rotation”: 60,
“file_log_rotation”: 180,
“log_type”: “database”,
“log_location”: “F:\\Website/wp-content/uploads/ithemes-security/logs”,
“log_info”: “-GQARSy3MxTmxpWP3LHK2WNhZqbydwO”,
“allow_tracking”: true,
“write_files”: true,
“nginx_file”: “F:\\Website/nginx.conf”,
“infinitewp_compatibility”: false,
“did_upgrade”: false,
“lock_file”: false,
“proxy”: “automatic”,
“proxy_header”: “HTTP_X_FORWARDED_FOR”,
“hide_admin_bar”: true,
“show_error_codes”: false,
“show_security_check”: false,
“build”: 4121,
“initial_build”: 4119,
“activation_timestamp”: 1600563612,
“cron_status”: 1,
“use_cron”: true,
“cron_test_time”: 1603341455,
“enable_grade_report”: false,
“server_ips”: [
“<is the same IP address for the server so this looks OK>?”
],
“feature_flags”: [],
“manage_group”: [
“a14cd073-1759-41c0-b5eb-46b5f27a2ed7”
],
“licensed_hostname_prompt”: false
}

thanks, on the other site the “server_ips” is the same IP address.
– the only 2 things that do not “appear” to work is the secure login (I changed it to something else from the default wp-login) and the error with the ipaddress if this helps. Also, I’m on an iis server if that is an issue. thanks for your help!

Thank you, the PHP version is 7.4.10. also, on the same server I have another WordPress site that has ithemes security installated and it is working fine.

thanks for your help

thanks, here is the iP example. Invalid IP returned: ?123.456.78.9

thanks that worked. I went to the “security check” screen and it is giving me an error: Invalid IP returned: <server IP address>?

thank you, I checked my database user settings and it did not have create access. I updated the database user access, un-installed and deleted wordfence then re-installed and it works. thank you.