A Wordfence error is locking me out of my site

Sometimes users will experience the following error on attempting to login:

 

Your access to this service has been temporarily limited. Please try again in a few minutes (HTTP: response code 503)

 

Reason: Blocked by Wordfence Security Network

 

 

This occurs when our Wordfence security software has detected lots of failed logins in a short period of time causing the system to lock out users from attempting to log in.

This is an important security feature because by far the most common symptom of hacking attempts is automated username and password guessing, therefore once any of our sites experiences lots of incorrect logins over a short period the Wordfence system protecting your site will prevent all login attempts for a short period.

However, we recognise that this could be a problem in a school situation, especially with new bloggers - a class of 30 children can easily rack up 100 failed logins in a short period when they are attempting to log in for the first time. So, it is possible to get the blog to recognise that login attempts from the school's own network are always legitimate and not an attempt to hack. This is done by telling Wordfence to "white list" login attempts from any computer on your school's network.

Every time someone tries to log in to a blog the internet location (known as the IP address) of the device attempting to log in is used to establish the connection. It is this that Wordfence scans to prevent hacking attempts.

All that is required is that you tell Wordfence what the IP address of your school's network is and it will then no longer count any failed logins from this IP address as hacking attempts.

 

How to find your school's public IP address

Go to any curriculum pc and open a search engine in a browser. Search for "What's my IP?" Most search engines (including Google) will then return a search showing your public IP address in the form of a number in four parts separated by full stops:

999.999.999.999

Note that each element could be a single, double or 3 digit number.

Copy this number.

Adding your school's IP Address to Wordfence

When you are able, log into the blog (you must have Network Admin credentials to do this task) and visit Network Admin > Dashboard. On the left hand menu you will find an option called Wordfence. Click on Wordfence to reveal the Wordfence sub menu. Now click Options.

The Options screen contains a lot of fairly technical information, however, if you scroll down towards the bottom of the page you will find a section called Other Options. In this section you will see a box with some IP addresses already in it. Enter your own school's IP address on a new line after the existing IP addresses. Now scroll to the bottom and click "Save Changes". Your school's IP address will now be recognised by the Wordfence security system as one from which it is safe to ignore failed login attempts.

Further Notes

The vast majority of schools will have a single public IP address that never changes. However, in a small number of cases (such as split sites etc) it is possible that the school has more than one public IP address. Also, if you change internet service provider it is likely that your school's IP address will change. In both of these cases, simply add the new (or second) IP address to the Wordfence whitelist as above.

For further advice about your school's IP address pleas talk to your school's IT provider.

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk