Hi,
Create a file named “.htninja”, add this content to it:
<?php
// Temporarily disable the firewall:
return 'ALLOW';
Upload it over FTP to your WordPress root folder.
Log in to the admin dashboard, go to “NinjaFirewall > Firewall Log”, search the log for the incident ID that was displayed to you when you were blocked, and paste the corresponding line here.
Note that as long as you have the “.htninja” enabled on your site, the firewall will not block anyone or any threats.
Thread Starter
miksbl
(@miksbl)
Thank you. With your code I am able to log in. Here are some lines of the log with my IP from yesterday.
12/Jun/18 17:11:11 #31031xx CRITICAL - 178.xxx.70.xxx GET /wp-admin/index.php - WordPress: Blocked privilege escalation attempt - [Username: Admin User, ID: 5] - domain.de
12/Jun/18 17:11:20 #23778xx CRITICAL - 178.xxx.70.xxx POST /wp-admin/admin-ajax.php - WordPress: Blocked privilege escalation attempt - [Username: Admin User, ID: 5] - domain.de
12/Jun/18 17:11:22 #31718xx HIGH 105 178.xxx.70.xxx GET /wp-admin/index.php - Cross-site scripting - [COOKIE:ct_checkjs = <script>if(document.body===null||document.body===undefined){document.write('NinjaFirewall: [NinjaFirewall] Blocked privilege escalation attempt.')] - domain.de
12/Jun/18 17:11:23 #56390xx HIGH 105 178.xxx.70.xxx GET /index.php - Cross-site scripting - [COOKIE:ct_checkjs = <script>if(document.body===null||document.body===undefined){document.write('NinjaFirewall: [NinjaFirewall] Blocked privilege escalation attempt.')] - domain.de
Can you make sure you are whitelisted by the firewall? Go to “NinjaFirewall > Firewall Policies > Basic Policies”, scroll down to the bottom of the page and make sure “Add the Administrator to the whitelist (default)” is enabled.
Thread Starter
miksbl
(@miksbl)
Yes, the option “Add the Administrator to the whitelist (default)” is enabled.
The firewall log shows entries with “COOKIE:ct_checkjs” and a quick search on the WordPress repo seems to point to this plugin:
https://ww.wp.xz.cn/plugins/cleantalk-spam-protect/
Is it installed on your blog?
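The log triage in the reply above (noticing that the blocked requests all carry the same cookie name), as an added example that is not part of the original thread and not NinjaFirewall code. The line layout and the `SOURCE:name = value` data prefix are assumptions inferred from the log lines quoted in this thread; the function names, incident IDs, IPs and host in the sample are constructed.

```python
import re
from collections import Counter

# Layout inferred from the log lines quoted in this thread (an assumption, not a
# published format): date time #incident LEVEL rule IP METHOD URI - reason - [data] - host
LINE_RE = re.compile(
    r"^(?P<date>\d{2}/\w{3}/\d{2}) (?P<time>[\d:]{8}) #(?P<incident>\S+) "
    r"(?P<level>[A-Z]+) (?P<rule>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<uri>\S+) "
    r"- (?P<reason>.*?) - \[(?P<data>.*)\] - (?P<host>\S+)$"
)
# "COOKIE:ct_checkjs = ..." names the request field that tripped the rule.
FIELD_RE = re.compile(r"^(?P<field>[A-Z]+:\S+) = ")

def parse_line(line):
    """Return a dict for one log line, or None if it does not match the layout."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    f = FIELD_RE.match(entry["data"])
    entry["field"] = f.group("field") if f else None
    return entry

def find_incident(lines, incident_id):
    """Look up the entry for the incident ID shown on the block page."""
    wanted = incident_id.lstrip("#")
    for entry in filter(None, map(parse_line, lines)):
        if entry["incident"] == wanted:
            return entry
    return None

def triggers_for_ip(lines, ip):
    """Count (reason, field) pairs for one client IP, most frequent first."""
    entries = filter(None, map(parse_line, lines))
    hits = Counter((e["reason"], e["field"]) for e in entries if e["ip"] == ip)
    return hits.most_common()

# Constructed sample modelled on the lines in this thread; payloads are abridged.
SAMPLE = [
    "12/Jun/18 17:11:11 #1000001 CRITICAL - 203.0.113.7 GET /wp-admin/index.php - WordPress: Blocked privilege escalation attempt - [Username: Admin User, ID: 5] - example.com",
    "12/Jun/18 17:11:22 #1000002 HIGH 105 203.0.113.7 GET /wp-admin/index.php - Cross-site scripting - [COOKIE:ct_checkjs = <script>if(document.body===null){...}] - example.com",
    "12/Jun/18 17:11:23 #1000003 HIGH 105 203.0.113.7 GET /index.php - Cross-site scripting - [COOKIE:ct_checkjs = <script>if(document.body===null){...}] - example.com",
    "12/Jun/18 17:12:00 #1000004 HIGH 105 198.51.100.9 GET /index.php - Cross-site scripting - [COOKIE:demo = <script>] - example.com",
]

if __name__ == "__main__":
    for (reason, field), count in triggers_for_ip(SAMPLE, "203.0.113.7"):
        print(count, reason, field or "-")
```

A field that recurs for an administrator's own IP, as `COOKIE:ct_checkjs` does here, points at something on the site setting that value rather than at an outside request.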
Thread Starter
miksbl
(@miksbl)
Yes. Cleantalk is installed.
The plugin triggers the alert.
Try to disable the firewall’s privilege escalation attempt protection: open your “wp-config.php” file and add this line of code:
define( 'NFW_DISABLE_PRVESC2', true );
Remove the “.htninja” file and try again to log in to see if the issue is solved.
Thread Starter
miksbl
(@miksbl)
Thank you. That works fine.