neverpaintagain

Thank you to all who replied, I appreciate the advice. However for some reason the phenomenon has stopped and has not returned but i will keep an eye on it

Hi thank you for your reply. My IP address is already listed under “Allow listed IP addresses that bypass all rules” in the options screen. The strange thing is the offending IP address in my original post is acting like a spambot, and wordfence is blocking it when it tries to access all sort of weird urls that do not relate to my site. Each time it hots it is listed in “live traffic” as

“An unknown location at IP?127.0.0.1?was?blocked by firewall for Known malicious User-Agents?“

….and a WHOIS search tells me this………

NetName: SPECIAL-IPV4-LOOPBACK-IANA-RESERVED
NetHandle: NET-127-0-0-0-1
Parent: ()
NetType: IANA Special Use
OriginAS:
Organization: Internet Assigned Numbers Authority (IANA)
RegDate:
Updated: 2013-08-30
Comment: Addresses starting with “127.” are used when one program needs to talk to another program running on the same machine using the Internet

Comment: Protocol. 127.0.0.1 is the most commonly used address and is called the “loopback” address.

So from one point of view it appears to be harmless and from another point of view it looks and behaves just like a spambot so am very confused, and advice would be helpful.

sorry, i mean to say the

<!–more–>

tag.

yeah i have gone on there before and some peoples advice has been maybe well meaning but not to be taken seriously. I will see what anyone says.

ok you reckon post there? Will do

hi andrew thanks for the reply.

I am reading conflicting info on various sites about this. I feel that google wants to read the wp ioncludes and may penalise me if not, however how can i stop the files being indexed as it seems ridiculous that google would index what amoutns to a shed load of random data

awesome, thanks ever so much for your help and advice. ??

……so if i followed your instructions and unticked the box, i WONT be locked out?

Hi Keith.

So the plug in does NOT deny access, even if I add their IP? Thats pretty much what i wanted to do, ban people who tried to login and got picked up by BPS plugin.

I can see what you mean, but if i uncheck “credentials” bit, but am very catious that it would lock me out, which would not be good. How do i make SURE it wont log me out, is there a whitelist i can add my own IP to?

ok, another question, once i have entered an IP address i catch trying to log in, like this morning someone form 118.244.254.17 tried to log in and the admin account was locked. I entered their IP address in the DENY LIST and saved it. 5 minutes later the SAME ip address, the one i blocked, was able to try and login again.

Is there a delay after i enter the IP? I mean surely when i put the IP in to deny it, it should instantly work but it does NOT. I appreciate your help on here, but can you explain why this is happening? Thanks

HI thanks for replying. In the add the ONLY way we could block this person was at root server level!!!!!!

So apart from that very happy with plugin but i still cant see WHY this person could still get thru despite me following the plug in instructions!

i tried adding the code you gave and it broke my site i had to go in to my server and edit ht access, i obviously put it in the wrong place.

So the deny thing you posted above, exactly WHERE should it go in the file and in WHAT format, e.g. does it need a # in front of it?

well thats the thing, he HAS tried to login, on many occasions, and have put all sorts of permutations of blocking based on his IP, his tld, “Ukraine” in the block country option, entering his domain, his ISP, the lot, but each and every time this person keeps on trying to log in to the admin page, i really dont know what else to do. He wont get in, its just annoying

and NO the use is not getting past the security, its pretty tight.

hi Keith, thanks for replying but the plugin is supposed to handle the deny IP thing, however in this case, it is not working.

I have also blocked Ukraine by country in the plugin admin, plus blocked the TLD .ua (Ukraine) and this plugin was supposed to stop all that but in this one case it is not doing so.