Locked Out of Site by Wordfence

We take many steps to ensure that your website stays secure from any malicious visitor, bot, or attack attempt. One of those steps is using the Wordfence web application firewall to secure your site as tightly as possible. Unfortunately, this means that occasionally the program will have a "false positive" and will therefore sometimes lockout a real user. 

This can happen for any number of reasons - for example, if you make too many attempts to access the site via an old bookmarked page that no longer exists, or if you enter the wrong password in the login form too many times.

The good news is that there's an easy way to solve this and make sure it never happens to you again!

  • While connected to the same Internet connection, visit http://hostnine.com/ip and make note of the IP address listed there. (Note: you can't be connecting via a proxy or VPN, just a plain ordinary Internet connection.) This is the IP address that's blocked on your site.

  • Log in to your WordPress admin dashboard using a different Internet connection - for example, logging in from home if you're at the office (or vice versa), or, if you have a smartphone with a data plan, turn off WiFi on your phone and connect via your phone's web browser.
  • Navigate to Wordfence > Firewall and click the Blocking tab at the top. There, find the IP address in Step 1 listed among the IPs blocked from accessing the site.
  • Click the "Unblock" link next to that IP address in the list.
  • Next, navigate to Wordfence > All Options and review both the Rate Limiting and Brute Force settings to ensure that they're not overly strict for your purposes. This will vary on a case-by-case basis for every site and business.
  • Click the blue SAVE CHANGES button in the upper right to make the changes permanent.