Support

Hello: I recently moved my site from HostGator to Rochen and am having issues with repeated IP blocking when I attempt to log in from the admin and live site.

When it occurs, I follow the steps in "Using FTP to regain access to your site's administrator" and change the file to provider-disable; it works and I log in correctly. I then go to AdminTools and see the button that says to "Unblock my IP Address" which I use, and also to go back and change the file to disable, which I do. This works for a few minutes on my site. But later when I try to access my admin site I get the same message that "We have detected suspicious activity from your IP address. Your access to this site is temporarily suspended." That sends me back to disabiling the file.

Is there something that is causing this loop? I should add the when I use the technique of sending an email "This URL will only send you an email if the IP address from which you are accessing it is being blocked by Admin Tools. If you are not blocked no email will be sent" I never get an email, so it seems possibly my IP address is not being blocked and something else is happening. This has occurred 8 times today when I can't access my site, and am hoping it is a setting I need to that prevents this from happening.

Thank you again!

It says "Admin Query String" for https://finishingandcoating.com/administrator/index.

Thank you.

I should add that I have repeatedly used the Secret Administrator URL Parameter feature to gain access; but then it goes back to blocking the IP. It has cycled like that several times.

Thank you

Thank you!

The "Browser cookie override for the administrator secret URL parameter" was already set to Enabled, so I set it Disabled and saved it, then Enabled it and saved again.

I also changed the time to 480 minutes.

I then went back in and "Unblocked my IP" and reset the provider file.

Hope this helps, and i appreciate you quick reponse, especially on a weekend.

Update: I was getting hammered by a bot from a specific gmail.com account about 2,000 a day with emails; your component is very effecctive. I still get about 4-5 every other day, and have no clue how he is even getting in to send those, but I can take 4-5 every other day instead of 4,000+ in that time span.

Thanks

Hello Nicholas:

This morning the same situation repeated.

1. Tried to log in to the admin and instead the page redirected to the homepage.

2. When I again tried to go to https://finishingandcoating.com/administrator, I received the error message that "We have detected suspicious activity from your IP address ..."

3. When I went to the home page, the same message of "We have detected suspicious activity from your IP address ..."

I then changed the file to provide-disable to gain access; I saw in the Blocked Request Log that the issue was "Admin Query String" to https://finishingandcoating.com/administrator/, which seems to be the same problem I have been having. I did check from our previous notes, and the "Behind Load Balancer" is set to "Yes."

Is there anything else I should check to prevent my IP from being blocked again and having to go through the rest of the stages again?

Thank you again for all your help.