Hello @pburki,
The message you are receiving typically indicates that your IP address has been blocked by the plugin. This block can occur if the maximum number of login attempts has been reached:
https://www.siteground.com/tutorials/wordpress/security-optimizer/login-security/#Limit_Login_Attempts.
In order to disable this functionality, you can use the following WP-CLI command:
wp sg limit-login-attempts 0
More information on how to manage our plugin via WP-CLi can be found here:
https://www.siteground.com/tutorials/wordpress/security-optimizer/wp-cli-commands/
Thread Starter
pburki
(@pburki)
Hi @delyandelov,
Well, I did not try to login unsucessfully from my IP address. In addition, login from a different IP adress (mobile phone on the mobile network, or using a VPN) does not solve the issue.
Thanks,
Philippe
Thread Starter
pburki
(@pburki)
Not sure why you marked the issue as reolved, while this is not !
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
Not sure why you marked the issue as reolved, while this is not !
It’s your topic. Go to the sidebar and mark the topic unresolved.
Hello @pburki,
As my colleague Delyan Delov mentioned, this particular error occurs when the Security Optimizer plugin records multiple failed login attempts from a specific IP address. However, if you were seeing this message even when using a different IP address, the response might have been cached. I can confirm that our caching service does not cache requests to the wp-admin area or the wp-login.php page, so this might be due to a third-party proxy service used on the website or a plugin set to aggressively cache all pages on the website. To confirm this, you can deactivate any third-party proxy service currently in use on the website (or bypass it with the help of the hosts file on your computer) and deactivate all plugins, except the Security Optimizer. If the problem no longer occurs, you can start reactivating the plugins and/or the proxy service one by one until the problematic one is found.
Another possible reason would be a discrepancy in the website’s configuration and more specifically a difference between the WordPress Address (Site URL) and Site Address (Home URL) of the WordPress application. This can certainly lead to WordPress not functioning properly and among other things could also manifest in failed login attempts, thus triggering the Security Optimizer.
In order to investigate this behavior further, however, we will need to reproduce it on our end. If you are a SiteGround customer, please post a support ticket through your SiteGround User Area and we will do our best to assist you.
Best Regards,
Stanimir Panayotov
Thread Starter
pburki
(@pburki)
Hi @stanimirpanayotov,
Thanks for your answer. This is however strange, since there is no chaching on this site. Also, shouldn’t the plugin record this as a “Blocked” in the logs ? Nothing appears in this list since Feb 26, 2025.
Thanks and best regards,
Philippe
Hello @pburki,
Based on your explanation, it seems that the login page of your website is currently inaccessible to everyone. One possible reason for this issue could be that access to the admin page has been restricted to a specific IP address using the Login Access feature of the plugin.
To grant access to all IP addresses for the wp-login.php page of your website, you can run the following WP CLI command via SSH:
wp sg login-access remove all
If this restriction is indeed the cause of the problem, executing this command should resolve the issue. This would also explain why your IP address is not present in the list of blocked IP addresses.
Additionally, as my colleague mentioned, I want to highlight that if your website is hosted with SiteGround, our support team will be happy to assist you in resolving this matter.
Best regards,
Daniela Ivanova
