Title: Plugin blocking all login
Last modified: March 23, 2019

---

# Plugin blocking all login

 *  Resolved [doctorkaraca](https://wordpress.org/support/users/doctorkaraca/)
 * (@doctorkaraca)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/)
 * I just noticed this morning that a brute attack was attempted by somebody on 
   my site. The plugin worked as it should and blocked access. However I think it
   banned every IP, not just the attacker’s. As the admin I was not able to login
   despite changing my IP several times. It is important to note that even before
   I attempted login I got a message saying “1 attempt remaining.” I could reproduce
   this on other sites I manage as well. I had to disable the plugin for now. Is
   anybody else having this problem?

Viewing 13 replies - 1 through 13 (of 13 total)

 *  [abijita](https://wordpress.org/support/users/abijita/)
 * (@abijita)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11358504)
 * I am also having this issue after the latest update. The plugins is not working
   properly. I have whitelisted some of my ip’s but i am no longer able to log-in
   from that ip’s also. when someone enter the wrong password more than three times
   then the plugin should locked the particular ip however, every ip’s are locked.
   If you want to disable the plugins simply go to your cpanel go to wp-content/
   plugins folder and simple rename the plugins and that will be deactivated automatically.
   surprisingly, the login attempts are made from my own ip itself (where i have
   hosted my website). This is crazy.
 *  [michabarth](https://wordpress.org/support/users/michabarth/)
 * (@michabarth)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11361324)
 * I’m having the same problem with our customer websites. Had to deactivate the
   plugin via ftp …
 *  [tcghs](https://wordpress.org/support/users/tcghs/)
 * (@tcghs)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11399603)
 * Me too – I was impressed the plugin stopped the brute force attack but now I 
   can’t login even with the correct wp-admin credentials. Just get a “too many 
   login attempts” error.
 *  [nissimziv](https://wordpress.org/support/users/nissimziv/)
 * (@nissimziv)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11402246)
 * Me too. The same as above.
    I hope the plugin developer is working to correct
   this issue.
 *  [abijita](https://wordpress.org/support/users/abijita/)
 * (@abijita)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11402298)
 * Guys remove that plugins and install Wp Cerber Security.
    This one is quite good
   and i am using this
 * [https://wpcerber.com/](https://wpcerber.com/)
 *  Plugin Author [WPChef](https://wordpress.org/support/users/wpchefgadget/)
 * (@wpchefgadget)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11403289)
 * Hi guys,
 * Do you use any type of dns/proxy services, like CloudFlare?
 *  [DrBobo](https://wordpress.org/support/users/bvhprods/)
 * (@bvhprods)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11404519)
 * I use OpenDNS [https://www.opendns.com/](https://www.opendns.com/)
 * I have OpenDNS DNS servers configured on my computer.
 * Would that be causing the Limit Login Attempts Reloaded lockouts?
 *  [DrBobo](https://wordpress.org/support/users/bvhprods/)
 * (@bvhprods)
 * [7 years, 2 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11404537)
 * I have been locked out only once thus far, but almost every time I have to paste
   in the login URL, user name, and password into the browser two or three times
   before I can actually get into the WordPress dashboard, a real pain in the tail.
   Once in awhile I have to rename the Limit Login Attempts Reloaded directory so
   I can get into an account. Hopefully we can figure out why and fix it before 
   I go insane…
 *  Thread Starter [doctorkaraca](https://wordpress.org/support/users/doctorkaraca/)
 * (@doctorkaraca)
 * [7 years, 1 month ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11424018)
 * Any of you using HostGator as host? I believe there was a configuration error(
   they switched to another version) on their part where Apache was returning host
   IP instead of client IP. They were aware of this situation and they were fixing
   it at server level. It seems to have been resolved now. The plugin is working
   as it should for me.
    -  This reply was modified 7 years, 1 month ago by [doctorkaraca](https://wordpress.org/support/users/doctorkaraca/).
    -  This reply was modified 7 years, 1 month ago by [doctorkaraca](https://wordpress.org/support/users/doctorkaraca/).
 *  [DrBobo](https://wordpress.org/support/users/bvhprods/)
 * (@bvhprods)
 * [7 years, 1 month ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11451791)
 * Attention: 2by2host
 * Why did you ask “Do you use any type of dns/proxy services, like CloudFlare?”?!
 *  Plugin Author [WPChef](https://wordpress.org/support/users/wpchefgadget/)
 * (@wpchefgadget)
 * [7 years, 1 month ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11482159)
 * Hello guys,
 * We have uploaded a new version of the plugin.
 * The plugin doesn’t trust any IP addresses other than _SERVER[“REMOTE_ADDR”] anymore.
   Trusting other IP origins make protection useless b/c they can be easily faked.
   This new version provides a way of secure IP unlocking for those sites that use
   a reverse proxy coupled with misconfigurated servers that populate _SERVER[“REMOTE_ADDR”]
   with wrong IPs which leads to mass blocking of users.
 * Please try it out.
 *  Thread Starter [doctorkaraca](https://wordpress.org/support/users/doctorkaraca/)
 * (@doctorkaraca)
 * [7 years, 1 month ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11482322)
 * Thank you! It works normally now.
 *  [MRM4](https://wordpress.org/support/users/mrm4/)
 * (@mrm4)
 * [6 years, 10 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11764994)
 * Sorry for replying to a solved thread. Which plugin was causing this issue with
   everyone? I am now having the same problem with all admin users. Our host is 
   GoDaddy. Thanks.

Viewing 13 replies - 1 through 13 (of 13 total)

The topic ‘Plugin blocking all login’ is closed to new replies.

 * ![](https://ps.w.org/limit-login-attempts-reloaded/assets/icon-256x256.png?rev
   =2456910)
 * [Limit Login Attempts Security - Login Security, 2FA, Firewall, Brute Force Prevention](https://wordpress.org/plugins/limit-login-attempts-reloaded/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/limit-login-attempts-reloaded/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/limit-login-attempts-reloaded/)
 * [Active Topics](https://wordpress.org/support/plugin/limit-login-attempts-reloaded/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/limit-login-attempts-reloaded/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/limit-login-attempts-reloaded/reviews/)

 * 13 replies
 * 8 participants
 * Last reply from: [MRM4](https://wordpress.org/support/users/mrm4/)
 * Last activity: [6 years, 10 months ago](https://wordpress.org/support/topic/plugin-blocking-all-login/#post-11764994)
 * Status: resolved