Unblocking your IP address in the WordPress All-In-One Security plugin.

Recently, I locked myself out of a WordPress site that used the All-In-One Security plugin to prevent logins from blocked IP addresses. After running some tests, the plugin did its job and blocked the IP range, preventing me from logging in to the admin. This problem presents as being unable to login with credentials you know to be valid and no error message on the login page. This can also be due to session issues, or disabling login error messages altogether.

To verify that the security plugin is the problem, you should check out the security log. From the repository root, the file can be found at all-in-one-wp-security/logs/wp-security-log.txt. In the more likely event that you installed the plugin via WordPress, look for wp-content/plugins/all-in-one-wp-security/logs/wp-security-log.txt.

Unblocking Your IP Range

You’ll need command line access, or the ability to run SQL commands. Any of the following should work:

  • PHPMyAdmin
  • MySQL CLI
  • Ability to upload and run PHP scripts.

MySQL CLI

Log in as an admin, or with your WordPress database credentials. Select the appropriate database, and find your IP address with a site like icanhazip.com.

First, check that the table exists. If you use table prefixes, be sure to modify the table name in these examples to match your table name.

SHOW TABLES LIKE '%login_lockdown%';

If you see a table name, you’re in good shape. If not, you’re probably in the wrong database, not using the same plugin, etc. In the next step, verify that your IP address range is blocked. Use the % character to do wildcard searches, since it can block an entire range.

SELECT * FROM aiowps_login_lockdown WHERE failed_login_ip LIKE "123.45.67.%";

If results are returned, look at the rows and see which usernames/times are safe to unblock. If all the rows are safe to unblock, the following command will delete everything you just selected.

DELETE FROM aiowps_login_lockdown WHERE failed_login_ip LIKE '123.45.67.%';

To delete specific entries, use the ID column to specify which rows to delete:

DELETE FROM aiowps_login_lockdown WHERE id IN (324, 325, 326);

You should now be able to log in!

PHPMyAdmin

The PHPMyAdmin method is similar to what’s listed above:

  1. Find the appropriate database
  2. Locate the login_lockdown table
  3. Find any records that are blocking your IP range
  4. Delete them

 

Unblocking your IP address in the WordPress All-In-One Security plugin.

3 thoughts on “Unblocking your IP address in the WordPress All-In-One Security plugin.

  1. cybergates790111 says:

    cant find my ip but i cant login. if i try to login (use difrent ip’a) I get automatic ban but in database there is no those ip

Leave a Reply