kaimana

OK, thanks, wpsolutions! All very clear, no prob.

However: “Where” do I unlock myself if I succeed in locking my IP out? Ie, which database table, which line, etc? There’s a lot of stuff there, and I don’t want to guess where you put it and be wrong.

thanks, Aloha, Tim………

Aloha mbrsolution or whomsoever answereth this:

Blacklist manager is definitely NOT blacklisting. I’ve updated EVERYTHING on the site as of today (see “Current System Status” after the body of this email), and previously blacklisted IP’s are still getting through, namely 91.200.12.* .

The attacker is smart enough to use my posting name friendly_techie (that appears in the LL corner of the posts) to hack with, but that login only has Editor permissions. I NEVER let my admin name out anywhere, and don’t use the admin password for any other account anywhere. But I’d still like to cut off this possible avenue of intrusion, if you can help.

thanks in advance for whatever you can offer,

Aloha, Tim

CURRENT SYSTEM STATUS FOLLOWS:

### WordPress Environment ###

Home URL: https://www.friendlyaquaponics.com
Site URL: https://www.friendlyaquaponics.com
WC Version: 2.5.5
Log Directory Writable: ?
WP Version: 4.5.1
WP Multisite: –
WP Memory Limit: 256 MB
WP Debug Mode: –
Language: en_US

### Server Environment ###

Server Info: Apache
PHP Version: 5.5.30
PHP Post Max Size: 8 MB
PHP Time Limit: 30
PHP Max Input Vars: 1000
SUHOSIN Installed: –
MySQL Version: 5.5.48
Max Upload Size: 2 MB
Default Timezone is UTC: ?
fsockopen/cURL: ?
SoapClient: ?
DOMDocument: ?
GZip: ?
Multibyte String: ?
Remote Post: ?
Remote Get: ?

### Database ###

WC Database Version: 2.5.5
:
woocommerce_sessions: ?
woocommerce_api_keys: ?
woocommerce_attribute_taxonomies: ?
woocommerce_termmeta: ?
woocommerce_downloadable_product_permissions: ?
woocommerce_order_items: ?
woocommerce_order_itemmeta: ?
woocommerce_tax_rates: ?
woocommerce_tax_rate_locations: ?

### Active Plugins (26) ###

All In One WP Security: by Tips and Tricks HQ
Peter
Ruhul
Ivy – 4.0.7

BE Social Counter Widget: by Bill Erickson – 1.0.0

CloudFlare: by Ian Pye
Jerome Chen
James Greene
Simon Moore
David Fritsch
John Wineman (CloudFlare Team) – 1.3.24

Ecwid Shopping Cart: by Ecwid Team – 4.2

Genesis Connect for WooCommerce: by StudioPress – 0.9.8
Genesis Design Palette Pro: by Reaktiv Studios – 1.3.15
Genesis Simple Edits: by Nathan Rice – 2.1.4
Genesis Simple Sidebars: by Nathan Rice – 2.0.3
Genesis Title Toggle: by Bill Erickson – 1.7.0

Google Analytics by MonsterInsights Pro: by MonsterInsights – 5.4.10

InfusedWoo Pro: by Mark Joseph – 2.5.1
PayPal for WooCommerce: by Angell EYE – 1.1.9.2

Photo Gallery: by WebDorado – 1.2.100

Postmatic - WordPress Subscriptions & Commenting by Email: by Postmatic – 1.4.13

Quiz And Survey Master: by Frank Corso – 4.7.0

Reveal IDs: by Oliver Schl?be – 1.4.6.1

Fast Secure Contact Form: by Mike Challis
Ken Carlson – 4.0.41

Stop Comment Form Spam: by Brad Dalton - WP Sites – 1.1
Use Google Libraries: by Jason Penney – 1.6.2.1
USPS WooCommerce Shipping: by WooForce – 2.4.8
WooCommerce Product Add-ons: by WooThemes – 2.7.17
WooCommerce Stamps.com API integration: by WooThemes – 1.2.5
WooCommerce: by WooThemes – 2.5.5
WooThemes Helper: by WooThemes – 1.6.2
Yoast SEO Premium: by Team Yoast – 3.2.2
WP Super Cache: by Automattic – 1.4.8

### Settings ###

Force SSL: –
Currency: USD ($)
Currency Position: left
Thousand Separator: ,
Decimal Separator: .
Number of Decimals: 2

### API ###

API Enabled: ?
API Version: 3.1.0

### WC Pages ###

Shop Base: #2214 - /shop/
Cart: #2215 - /cart/
Checkout: #2216 - /checkout/
My Account: #2217 - /my-account/

### Taxonomies ###

Product Types: external (external)
grouped (grouped)
simple (simple)
variable (variable)

### Theme ###

Name: Metro Pro Theme
Version: 2.0.1
Author URL: https://www.studiopress.com/
Child Theme: ?
Parent Theme Name: Genesis
Parent Theme Version: 2.2.7
Parent Theme Author URL: https://www.studiopress.com/
WooCommerce Support: ?

### Templates ###

Overrides: –

Thanks so much!

No, admin-name is NOT admin. It’s a long Fijian word that no one who doesn’t speak the Fijian language could ever guess. Kind of like they used Navajo-speaking radio operators in Germany in WWII on unencrypted channels, with no danger of interpretation of the communications by the Nazis.

I’ll do the upgrades then check back in if there seem to be issues with AIOWPS. THANKS AGAIN!!!

Aloha, Tim………

Aloha mbrsolution

Plugin version 4.0.1, WP 4.2.7 running Metro Pro from Genesis 2.1.2. About to do a major update of all plugins after a DB backup, then do one at a time and hope for the best. If you say update everything then check to see if it’s still happening, no problem, I’ll do that.

I had the AIOWPS/Login Lockdown Configuration set to “Instantly Lockout Invalid Usernames” once, then accidentally did a typo on login and got my IP locked out. I fixed it in the database then reactivated the plugin, of course.

But I’ve got a question about that: does it allow me multiple login attempts if I’ve got the Rename Login Page feature activated, or does it boot me out after one typo? It’s off now, but if you say ON, I’ll turn it on.

Also, if I enable whitelisting of my IP, and typo on login, will it boot me out, or allow another attempt? I was hesitant to try this after the lockout experience with Invalid Usernames, and it seemed like the regular WP login was catching all the hack attempts. I NEVER use my admin login to author posts (only an “Editor” login), so my admin username never shows up in the author box, and all kinds of hackers try to login with either “admin” or my Editor username.

Really, thanks for any advice you can offer here. AIOWPS has so many bells and whistles that I didn’t catch them all the first time around.

Aloha, Tim…….

Aloha Friends at AIOWPS

I enabled Pingback Protection; also enabled Block Access To Debug Log File (JIC).

I’m still getting hack attempts from blocked IP’s; the same ones over and over (in this case, 195.74.38.*). Like I said, this is a hiccup in an otherwise perfect meal. Can you please tell me what might be going on?

The site is https://www.friendlyaquaponics.com/ if you’d like to try a hack; let me know your IP so I can see if it gets through the blacklist manager after I enter it there.

Thanks, Aloha, Tim…….

Did not have Pingback Protection enabled. Is that where these attacks are coming into the site from?

I’ve enabled it; also enabled Block Access To Debug Log File (JIC).

As I understand, all this will do is prevent me from remote editing my site when on a tablet or iPhone, but NOT from my remote laptop. Is this correct?

Thanks for your help!

Aloha, Tim…….

Thanks Lorro!!

I know about the “not a good idea”, but I record everything I’ve done and as a result it doesn’t take much time to apply the previous custom formatting to the upgrades.

Genesis, for all its good points, is a mess when it comes to css customizations. It holds some css customizations in the style.css file (the ones you edited in that file), some customizations in the wp-content/uploads/gppro/gppro-custom-1.css file (from Genesis Design Palette Pro), and some in Lala Land (these are customizations done with their “Customize” function; I’ve never bothered to find where it keeps its file).

Some of these override others, and some that you think SHOULD override others don’t. I’ve got it all documented so I could rewrite my customizations in my sleep without having to go through the learning curve again. So much for “easily customizable” child themes! I’m going to checkout out your css validator, thanks for the ref!

Anyway, thanks a TON! Aloha, Tim………..

Aloha Royho

I’ve overridden the styles in my theme all over the place already, and none of those overrides affect the WooCommerce title text in the Product page’s “Product Short Description”. It’s huge, black, and jars with the other elements in the theme. Here’s the link: (https://www.friendlyaquaponics.com/product/commercial-aquaponics-custom-farm-design/).

I’m using Genesis, the child theme Metro Pro; I made a bunch of CSS edits in the child theme file to create the look and feel of my site. I am also using Genesis title toggle (by Bill Erickson) to turn off page and post titles so I can customize them in the html body text and get them to look right.

The Genesis title toggle plugin won’t turn off the WoodCommerce Product Name, which appears in the Product page’s “Product Short Description”. Barring being able to turn it off, I’d at least like to be able to use css in the appropriate file to edit the text size (it’s way too huge now), and colors (black jars with my site theme) of the product short description.

So, please, where is the WooCommerce file with the css that controls the Product Name text size and color, which appears in the Product page’s “Product Short Description”? I can find it if I need to, it will just take me a terribly long time to do so with my slow internet service.

Thank you, Aloha, Tim…………..

Thank you Steve Gantz!

Server is off-site somewhere in the cloud; a VPS setup with iPage.

Ahh, as usual the explanation is technical and unexpected (there IS no magic in the universe); one would think that the originating IP address of the computer would be what was picked up and denied, but if our ISP assigns an IP address to our router (probably in an attempt to simplify its job?) then, as you say, anything coming from that router would be blocked.

Thanks again; couldn’t have guessed on my own that this was what was happening. All this goes in my ongoing document “WordPress and website tips and tricks”. I write all this stuff down so that the next time I have to deal with it it’s not a mystery.

Aloha, Tim…………..

OK, last time: I am not good at communicating this:

I logged in with “Bad User” the first time on my desktop, and got a message “incorrect username or password”. Then, I tried logging in with my admin user name “MyAdminUserName”, and found out the desktop computer’s IP was locked out.

I then tried logging in with “MyAdminUserName” on my laptop computer, which has an entirely different IP from the desktop computer that got locked out, and STILL got the “IP is locked” message.

What I don’t understand is the locked IP message on the second computer; how can it be locked if I’ve never even tried to log in from it? I did not use the same IP, which was obviously locked.

Sorry, I didn’t explain that very well the first time. I did NOT log in with the correct admin username the first time,

I logged in with “Bad User” the first time on my desktop, and got the IP locked out. This is NOT my admin user name.

I logged in with “MyAdminUserName” the second time on my laptop, and got the “IP is locked” message. This is why I don’t understand the locked IP message on the second computer; I did not use the same username.

I must be dense over here, I still don’t get it.

The IP of the first computer (my desktop) got locked out when I typed in a random username and password. That makes total sense, you don’t want to allow a single IP to make lots of attempts to hack you just because it can provide fake emails, names, and passwords really fast.

But when I tried to log in from a different IP, how can the account itself be locked from the first attempt? There is nothing connecting the first attempt to the second, except they are trying to login to the same account.

As admin, I get 20-50 lockout notifications a day from AIOWPS from hack attempts on the site, but none of those attempts lock ME out of the site. If, as you say, the account gets locked by a bad login attempt, why doesn’t it get locked by those? How can I login any time I want? It seems that the account couldn’t be locked by a fake login, because otherwise how could I log in right after a hack attempt? (they happen every 20 minutes or so 24/7).

If this is so, it seems the only way it could work is that AIOWPS knows the IP of the admin machine (how?), and when an illicit login happens from THAT machine (like another office worker trying to break into a fellow worker’s WordPress site after hours), it not only locks the IP, but the account also?

Really trying to understand; what I’m after here is implementing AIOWPS in the most effective manner possible. Whatever help is offered is greatly appreciated.

Sorry, should have put all that in.
Allow unlock requests: no
max login attempts: 10
Time length of lockout: 60
Enable login lockdown: yes
login retry time period: 10
Instantly lockout invalid usernames: yes

I got back in, set “Instantly lockout invalid usernames” to no, and it works fine; I can now do a wrong login up to ten times without getting locked out from the same IP. That’s NOT the problem; the problem is that the first thing I did when I got the “your IP address is blocked” message is to go to another computer with a different IP and login. I typed the login carefully and am certain I got it right; I was also blocked on that computer with the same “this IP is blocked” message.

My question is really: is there any way this can happen, or would you say I probably mistyped (which I’m certain I didn’t)?

Thanks, Tim………..