Banned Users/Hosts not being ‘banned’ from site

  • SiteBites

    (@sitebites)


    7 years, 8 months ago

    Hi,

    We have an IP address which has tried multiple times to login to the WP Admin area, after which iThemes added the user’s IP address to the Banned Users list and sent a Site Lockout Notification.

    However, we are continuingly receiving the Site Lockout Notification emails, every minute. Which leads me to believe that the IP address has not been banned from the site.

    How can I ensure that this IP address (or any IP address) are banned from the site?

    Thank you

Viewing 2 replies - 1 through 2 (of 2 total)
  • nlpro

    (@nlpro)

    7 years, 8 months ago

    The current iTSec plugin (7.0.4) IP ban feature solely relies on entries automatically being added to the Web Server config file (Apache -> .htaccess).
    For every IP added to the Banned Hosts list the plugin will add an entry to the .htaccess file.

    This works fine on Apache since any changes to the .htaccess file are effective immediately.

    On NGINX changes to the config file (like nginx.conf) are not immediately in effect.
    The nginx config needs to be reloaded or nginx needs to be stopped/restarted.
    A system administrator will know what to do in order to automate this process.

    nlpro

    (@nlpro)

    7 years, 8 months ago

    Oh, I almost forgot to mention that in the iTSec Pro plugin the following tweak (as described in the Pro 5.3.5 Changelog) has recently been implemented:

    Tweak: Check if an IP is blacklisted on page load for compatibility with servers that cannot process server configuration level bans immediately.

    There is a good chance that iThemes will include the same tweak in the next release of the free plugin.

    If you cant’t wait for that it’s a minor code change. Implemented in 5 minutes.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Banned Users/Hosts not being ‘banned’ from site’ is closed to new replies.