pronl
Forum Replies Created
Are you using a Windows based server (instead of linux) ?
Is the web server being used on that server Apache ?
What browser are you using ?
Multi Site ?
PHP version ?
MySQL version ?
If you provide the info above we might be able to figure this out.
Thanks for sharing that.
Looks like a custom HTTP header. Usually it would look like ‘HTTP_X_FORWARDED_FOR’.
But that is already included in the get_ip() method.
Where did you put that piece of code anyway ? In the active theme functions.php file ?
You probably got lucky because according to the 5.7.1 Changelog:
Bug Fix: Remote IP is now correctly identified if the server is behind a reverse proxy that sends requests with more than one IP listed in a single header.
and
Enhancement: Improved the logic for determining the requesting IP address to better handle situations where the site is behind a reverse proxy.
The 5.7.1 plugin was released yesterday
Just trying to set the right expectations.
And no I’m not with iThemes. This is a public forum. Therefore anyone from the community can contribute to any topic.
Totally agree with the rest of your post though.
I’ll just repeat what I said before because it seems to me you missed that part:
I’m not part of the iThemes gang.
The fact that you have doubts about this says more about you than about me.
I’m very well aware of the structural issues in this security plugin.
There is a LOT of constructive stuff I could tell but I’ll save that for thankful souls …
Unsubscribed from this topic…
(Which means there is no point in posting another response because I won’t be notified so I’ll never everrr read it … Thought I better mention that because you seem to be missing a lot ;-))
First of all I’m not part of the iThemes gang.
So there is no point in whining to me.
Second of all I’m not the enemy. In fact I totally agree with you.
Ask yourself this question:
Should www.remarpro.com host a free plugin from a commercial company that states in the readme.txt file that they “do not monitor the www.remarpro.com support forums” ?
Which isn’t entirely true by the way. They do occasionally respond to some topics (even though there is hardly any follow up when they do). Especially when a new version is released they suddenly show some interest in issues being reported … The thing is any issues reported in the FREE plugin will also be an issue in the paid for PRO plugin offering them an opportunity to improve their PRO plugin.
So basically they use the feedback from this forum when it suits them best.
Which I think says a lot of how iThemes does business.
This may sound a bit unthankful towards iThemes. So I just hurry to say this is a pretty decent security plugin which is still entirely FREE. And that is appreciated. However it does have a few quirks and may need some tweaking in order to get it running properly.
My earlier post was just to set the right expectation.
You may be waiting for an answer for weeks or months that is never going to come.
Pretty decent thing to do if you ask me.
I humbly accept any thank you
I don’t think you even need an ‘unlimited sites’ package.
As I understand it, a license is linked to a site domain.
So if the site is scaling to 2,3,4 servers. Big deal.
One license will do just fine.
Anyway this is not the place for such sales questions.
Send an email to [email protected]
Please do let me know in case my license understanding turns out to be incorrect
There is absolutely no useful information provided, in both the title as well as the content of your topic, that would allow the community to help you.
Your topic looks more like a review which does not belong on this forum. So next time post your opinion as a plugin review
Oh and yesss, this plugin is pretty efficient. But it may need some tweaking to get it running properly.
According to the FAQ section in the readme.txt file:
= Where can I get help if something goes wrong? =
* Official support for this plugin is available for iThemes Security Pro customers. Our team of experts is ready to help.
Free support may be available with the help of the community in the www.remarpro.com support forums (Note: this is community-provided support. iThemes does not monitor the www.remarpro.com support forums).
Look for HTTP_X_FORWARDED_FOR
Even if a certain HTTP header is not included in the plugin code, the plugin offers a filter to add any missing HTTP header(s) …
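Added example, not part of the replies above and not the plugin's code: a sketch of why a header such as HTTP_X_FORWARDED_FOR that lists more than one IP has to be read from the right, and only when the request really came from your own proxy. The proxy networks and sample addresses are constructed assumptions.

```python
import ipaddress

# Assumption: networks of the reverse proxies you operate (constructed values).
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.0.2.10/32")]


def _parse(token):
    """Return an ip_address object for one header element, or None if malformed."""
    try:
        return ipaddress.ip_address(token.strip())
    except ValueError:
        return None


def _is_trusted(ip):
    """True when the address belongs to one of our own proxies."""
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(remote_addr, forwarded_for=None):
    """Pick the address that lockouts and bans should be keyed on.

    remote_addr   -- the TCP peer (REMOTE_ADDR)
    forwarded_for -- raw HTTP_X_FORWARDED_FOR value, may hold several IPs
    """
    peer = _parse(remote_addr)
    if peer is None:
        raise ValueError("REMOTE_ADDR is not an IP address")
    # A header sent by an untrusted peer is client-controlled: ignore it.
    if not forwarded_for or not _is_trusted(peer):
        return str(peer)
    # Each proxy appends the peer it saw, so walk right to left and stop at
    # the first hop that is not one of our own proxies.
    candidate = peer
    for token in reversed(forwarded_for.split(",")):
        ip = _parse(token)
        if ip is None:
            break  # malformed element: keep the last address we could verify
        candidate = ip
        if not _is_trusted(ip):
            break
    return str(candidate)
```

Taking the leftmost element instead would let any client choose the address that gets locked out or banned.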
WordPress version ?
Have you been moving things (like database) from one server to another like from test to production ?
Yesss you can ! Sorry, could not resist
It seems your site is leaking usernames which makes it an interesting target.
Basically your site is not properly protected. Or in your terminology, it’s not fit
Using part of the site domain name as a user is not helping either …
No, it’s not possible to only disable lockout email notifications which are the result of invalid login attempts by the admin user. And it’s also not a PRO feature.
If everything is properly configured you should by default get 3 (configurable) temporary lockouts after which the IP address attempting to login as admin is permanently banned (in the .htaccess file if using Apache web server).
(Assuming the Automatically ban “admin” user setting in the Local Brute Force Protection module is enabled. Note (permanent) “ban” should read (temporary) “lockout”).
If the attacker switches to another IP after being banned, another 3 temporary lockouts will occur after which the new IP will be banned as well etc etc
Check the Logs page and try and determine whether these host lockouts are occurring as a result of invalid (admin) login attempts from a single IP address or from multiple IP addresses. Another way to check is to look at the IP address in the lockout notification emails received.
In short when the plugin is properly configured you should by default only get 3 host lockout emails per IP (which is attempting to login as admin).
How many host lockout emails are you receiving ?
Also does the admin user actually exist ?
What web server are you using ? (Apache, NGINX, MS IIS)
If properly configured it is possible to minimize these host lockout email notifications. Possibly to 0 or just 1 per IP.
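Added example, not part of the reply above and not the plugin's code: the single-IP versus multiple-IP check described in that reply, run over lockout records. The log line format, dates and addresses are constructed assumptions, not the plugin's real log format; the limit of 3 is the default named in the reply.

```python
import re
from collections import Counter

LOCKOUTS_BEFORE_BAN = 3  # default named in the reply above (configurable)

# Constructed sample; this line format is an assumption, not the plugin's log format.
SAMPLE_LOG = """\
2017-06-01 08:00:12 host-lockout ip=198.51.100.23 user=admin
2017-06-01 08:20:40 host-lockout ip=198.51.100.23 user=admin
2017-06-01 08:41:03 host-lockout ip=198.51.100.23 user=admin
2017-06-01 09:02:55 host-lockout ip=198.51.100.23 user=admin
2017-06-01 09:10:31 host-lockout ip=203.0.113.40 user=admin
2017-06-01 09:15:02 host-lockout ip=203.0.113.41 user=editor
this line is noise and is skipped
"""

LINE = re.compile(r"^\S+ \S+ host-lockout ip=(\S+) user=(\S+)$")


def lockouts_per_ip(log_text, username="admin"):
    """Count host lockouts per source IP for one attempted username."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m and m.group(2) == username:
            counts[m.group(1)] += 1
    return counts


def triage(counts, limit=LOCKOUTS_BEFORE_BAN):
    """Label each IP against the expected number of lockouts before a ban."""
    report = {}
    for ip, n in counts.items():
        if n > limit:
            report[ip] = "over limit: not behaving as configured"
        elif n == limit:
            report[ip] = "at limit: should now be banned"
        else:
            report[ip] = "below limit"
    return report


def pattern(counts):
    """Answer the reply's question: one source address or several?"""
    if not counts:
        return "no lockouts"
    return "single IP" if len(counts) == 1 else "multiple IPs"
```

An address that keeps producing lockouts past the limit points at configuration rather than at the attacker switching IPs.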