Top 10 Most Frequently Asked Questions
There will be many indicators that will tell you if you’re under a more serious brute-force attack. 1) The log of lockouts grows fast 2) You get a lot of lockout notifications (if they are turned on which is recommended) 3) You site operates slower for unknown reason 4) You get a notice from your hosting provider.
After you complete your purchase of the premium cloud app, you are provided an email with instructions to complete the setup. If you have followed the instructions and the cloud app does not activate, please make sure the plugin is updated to the latest version before attempting again. If you still have issues, please email us at sales@limitloginattempts.com for implementation assistance. There are rare situations where your WordPress site settings may be blocking how the plugin functions, and this will require our techs to resolve.
Open the site from another IP. You can do this from your cell phone, or use Opera browser and enabling free VPN there. You can also try turning off your router for a few minutes and then see if you get a different IP address. These will work if your hosting server is configured correctly. If that doesn’t work, connect to the site using FTP or your hosting control panel file manager. Navigate to wp-content/plugins/ and rename the limit-login-attempts-reloaded folder. Log in to the site then rename that folder back and whitelist your IP. By upgrading to our premium app, you will have the unlocking functionality right from the cloud so you’ll never have to deal with this issue.
Please read this article for a detailed answer.
We understand it might seem that login attempts are fake because there are so many of them. We recommend reading this article for more details.
Please read this article for a detailed answer.
The premium plan’s limits are so high that it should accept almost any heavy brute-force attack. We constantly monitor if your site is in good shape and if we notice any potential problems we will temporarily increase the limits in case of fair usage. If you are using the free version, the load caused by brute force attacks will be absorbed by your current hosting bandwidth, which could cause your hosting costs to increase.
If you are using contemporary hosting, it’s likely your site uses a proxy domain service like CloudFlare, Sucuri, Nginx, etc. They replace your user’s IP address with their own. If the server where your site runs is not configured properly (this happens a lot) all users will get the same IP address. This also applies to bots and hackers. Therefore, locking one user will lead to locking everybody else out. In the free version of the plugin this can be adjusted using the Trusted IP Origin setting. In the premium version, the cloud service intelligently recognizes the non-standard IP origins and handles them correctly, even if your hosting provider does not.
This is normal for many users. This means that there has been existing bot behavior on your account.
The URLs being protected are your login page (wp-login.php, wp-admin), xmlrpc.php, WooCommerce login page, and any custom login page you have that uses regular WordPress login hooks.