Plugin Author
AITpro
(@aitpro)
Are you using custom IP blocking .htaccess code? If so, then you will need to whitelist the Sucuri Cloud IP addresses or remove the IP based blocking custom .htaccess code. See the link below for help references about Cloud, Proxy, VPN, etc.
http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/
Thanks for tip but i have still this problem.
I don’t use custom .htaccess file. When i delete .htaccess file which was created by bulletproof plugin problem goes away.
When i again create new .htaccess file with this plugin problem come back.
WP-ADMIN error 403.
Plugin Author
AITpro
(@aitpro)
Ok post the BPS Security Log error that is relevant to this issue so I can see what is being blocked.
Here you go:
>>>>>>>>>>> 403 GET or Other Request Error Logged – Okt 11, 2013 | 0:03 – 0.03 <<<<<<<<<<<
REMOTE_ADDR: 142.167.94.243
Host Name: fctnnbsc30w-142167094243.dhcp-dynamic.FibreOp.nb.bellaliant.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 142.167.94.243
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-login.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.65 Safari/537.36
>>>>>>>>>>> 403 GET or Other Request Error Logged – Okt 11, 2013 | 13:36 – 13.36 <<<<<<<<<<<
REMOTE_ADDR: 213.226.141.30
Host Name: IN-213-226-141-030.bitemobile.lv
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 213.226.141.30
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-login.php?redirect_to=http%3A%2F%2Fvmxx.net%2Fwp-admin%2F&reauth=1
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0
Plugin Author
AITpro
(@aitpro)
Server Protocol HTTP/1.0 means that these are either hackers or spammers that were blocked. There are some older Proxy apps like older versions of Squid Proxy that still use HTTP/1.0. Upgrading to newer versions of this app resolves that issue.
These errors are not related to what is being blocked so probably there are not any errors be logged for whatever is blocking Sucuri. I will need to do some more research and check with the Sucuri folks to find out what the issue is.
Plugin Author
AITpro
(@aitpro)
Which .htaccess file did you delete? The wp-admin or root .htaccess file?
Problem was solved when i deleted root .htaccess file via FTP. This is how i gained control over my wp-admin. I think there was problem with root.htaccess file but i’m not sure.
I tried latest version of Bulletproof Security (plugin version 49.4) and problem still remains when i activated .htaccess bulletproof mode.
Error 403:
http://i39.tinypic.com/261iyd5.png
The same problem when i try to log-in into my wp-admin:
>>>>>>>>>>> 403 GET or Other Request Error Logged – Okt 15, 2013 | 18:23 – 18.23 <<<<<<<<<<<
REMOTE_ADDR: 87.110.6.51
Host Name: 87.110.6.51
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR: 87.110.6.51
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-login.php?redirect_to=http%3A%2F%2Fvmxx.net%2Fwp-admin%2F&reauth=1
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36
Plugin Author
AITpro
(@aitpro)
This is actually not a issue/problem with Sucuri and is a issue/problem with the new Brute Force Login Protection code. It just does not work on some Servers so edit your root .htaccess file and delete the new code.
http://ww.wp.xz.cn/support/topic/cant-log-out-403-forbidden/page/2?replies=40
Thanks. This method working:
# BRUTE FORCE LOGIN PAGE PROTECTION
# Protects the Login page from SpamBots & Proxies
# that use Server Protocol HTTP/1.0 or a blank User Agent
RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
RewriteRule ^(.*)$ – [F,L]
