If you are using contemporary hosting, it’s likely your site uses a proxy domain service like CloudFlare, Sucuri, Nginx, etc. They replace your user’s IP address with their own. If the server where your site runs is not configured properly (this happens a lot) all users will get the same IP address. This also applies to bots and hackers. Therefore, locking one user will lead to locking everybody else out. In the free version of the plugin this can be adjusted using the Trusted IP Origin setting. In the premium version, the cloud service intelligently recognizes the non-standard IP origins and handles them correctly, even if your hosting provider does not.

Open the site from another IP. You can do this from your cell phone, or use Opera browser and enabling free VPN there. You can also try turning off your router for a few minutes and then see if you get a different IP address. These will work if your hosting server is configured correctly. If that doesn’t work, connect to the site using FTP or  your hosting control panel file manager. Navigate to wp-content/plugins/ and rename the limit-login-attempts-reloaded folder. Log in to the site then rename that folder back and whitelist your IP. By upgrading to our premium app, you will have the unlocking functionality right from the cloud so you’ll never have to deal with this issue. 

It’s not uncommon for GoDaddy hosting customers to contact us because they are not familiar with our plugin, nor do they visually see it installed on their WordPress admin dashboard. Yet, they still receive failed login alerts by the plugin. We created an article here to help you figure out if the plugin is installed on your website.

You can turn these emails off in the plugin settings within the WordPress Dashboard.

Yes. On the free version, you will need to copy and paste the lists to each site, which is not very efficient. For the premium service, sites are grouped within the same private cloud account. Each site within that group can be configured if it shares its lockouts and access lists with other group members. The setting is located in the plugin’s interface. The default options are recommended.

Deny rules is also commonly known as the “black list” of IP addresses you don’t want to have access to your login page. Users will often add IP’s or ranges of IP’s that are identified as malicious from their lockout logs.

The premium service is built on Amazon Web Service infrastructure using high speed serverless technology. We store the data in DynamoDB, process it via Lambda functions and communicate it through the API Gateway. These solutions are top of the line, incredibly fast, secure and scalable right out of the box.

The settings are explained within the plugin in great detail. If you are unsure, use the default settings as they are the recommended ones.