No more admin access

  • Resolved gabrielsch

    (@gabrielsch)


    10 years, 3 months ago

    Hello,

    first of all I want to say that I really love this plugin!

    After a few weeks of using wp-simple-firewall I have made some changes today.
    I have checked the “Block PHP Code Includes” within “Firewall”.
    After that I was not able to loin again.

    Short search and I found the forceOff trigger.
    Ok, I can login again.

    But: “Block PHP Code Includes” together with “Block WordPress Specific Terms” does not work for me.
    If both are checked I can not login anymore.

    If I disable “Block WordPress Specific Terms” the login works.

    Does anybody know a solution for keeping both checked?

    Regards,
    Gabriel

    https://ww.wp.xz.cn/plugins/wp-simple-firewall/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Paul

    (@paultgoodchild)

    10 years, 3 months ago

    You could check the Audit Trail and see what exactly is being blocked… it might lend some clues.

    Thread Starter gabrielsch

    (@gabrielsch)

    10 years, 3 months ago

    Hi Paul,

    thanks for your answer.

    There are this two entries:
    First:
    Event: firewall block
    “Seiten Parameter verhindert Firewall Prüfung. Der fehlerhafte Parameter war “pwd” mit dem Wert “***” (changed from me). Firewall-Trigger: WordPress Terms. Firewall Block Rückmeldung: Besucher-Verbindung wurde mit wp_die() und einer Nachricht beendet.”
    I will try to translate:
    “Site parameters prevents Firewall check. The incorrect parameter was “pwd” with value “***” (changed from me). Firewall-Trigger: WordPress Terms. Firewall Block response: Visitor-Connection was terminated with wp_die() and a message.”

    Second:
    Event: transgression counter started
    Message: Auto Black List transgression counter was started for visitor at IP address “193.158.*.*” (changed from me).

    This was our first try to login after over 12 hours.

    PS if important: We have changed the default login page from wp-login to another one.

    Plugin Author Paul

    (@paultgoodchild)

    10 years, 3 months ago

    Interesting… basically there’s a set of letters in your WordPress password that’s triggering the firewall. 2 ways around this for now.

    1) Turn off the WordPress Terms check
    2) Change your WordPress password

    I’m going to add the “pwd” field to the white list for the next release so this wont be a problem after that.

    Thanks!

    Thread Starter gabrielsch

    (@gabrielsch)

    10 years, 3 months ago

    Jesus I was blind…
    You are absolutely right!
    Changed our password and login is fine.

    Thanks a lot for your help!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘No more admin access’ is closed to new replies.