LOCKOUT LOGS

Hi There,

Just installed Defender Plugin. Then kept receiving "LOCKOUT LOGS" warnings. Hundreds in several hours. See attached image, which is part of them.

I believe our website is in danger. Lots of potential attacks. Right? How to fix?

Further question: due to above reason, i banned all unknown IP. The weired thing is: i myself was banned. One thing is confirmed: my IP is not in blackip list. Why?

Thank you,

  • Luís

    Hi OnlyDinosaurs ,

    Hope you're doing well today!

    The IP lockouts feature of Defender have different options to block/lockout an IP, it could be due to failed login attempts or to try access to files which doesn't exist (404 detection).

    Looking for your log, seems that you are using both options and I think there is not much to do more about this, Defender is doing its job blocking the IP's that have a "suspicious activity".

    If you don't want to receive these notifications, you can disable them in the lockouts Notifications options page ( Defender > IP lockouts > Notifications).

    Further question: due to above reason, i banned all unknown IP. The weired thing is: i myself was banned. One thing is confirmed: my IP is not in blackip list. Why?

    Even that your IP is not in the blacklist, you can be locked dueo too many failed attempts (log in or access to files which doesn't exist ). To avoid this situation you can:

    1) Disable the Monitor 404s from logged in user

    Go Defender > IP Lockouts > 404 Detection and in the "Exclusions" section, uncheck "Monitor 404s from logged in users" option.

    2) Whitelist your IP address to prevent lockout.

    2.1) Go to this site, copy your IP address.

    2.2) Then, go to Defender -> IP Lockouts and in the "Whitelist" section, insert your IP in text box in a new line and save the changes.

    I hope this information has been helpful. If I can help you in this or other questions, please let me know!

    Cheers, Luís

  • Luís

    Hi OnlyDinosaurs ,

    Hope you're doing well today!

    Firstly, sorry for the late reply and all the problems it may have caused.

    This issue only happened after using the Hardener feature of Defender? I tried to access your site using support staff access, but it's displaying the following error message:

    This is an invalid access token. Please ask the user to grant access.

    Could you please revoke and after regrant the support staff access again?

    Cheers, Luís