Conversation
supportSite Lockout Notification hypeitupnow.fun lockout notification IP: 94.59.210.68 2026-06-07 11:58:31 Too many bad login attempts but this may have Kadence Security breathing all over this because I read in the plugin about and I’ll enabled Site Lockout for 24 hours after too many bad attempts. Something was going on before the Site Lockout was initiated that I needed to fix but this cause more problems. The page I need help with: [ log in to see the link]
Hi @hypeitupnowcoach , That notification is Kadence Security’s brute force protection doing its job: the IP 94.59.210.68 hit too many failed login attempts in a row, so it was temporarily locked out. Most of the time these are bots trying stolen passwords, and the notification is just confirmation the protection is working. The first thing to figure out is whether that IP is actually yours, because that decides whether you need to do anything at all. To check, open https://www.whatismyip.com from the same device and network you use to manage the site. If it shows 94.59.210.68, then the lockout landed on your own connection (you, or someone on your network, mistyped the login enough times to trip it). If it shows a different IP, the lockout was an outside attempt and you can safely ignore it. If it is your IP and you are locked out, here is how to get back in. The quickest route is releasing the lockout from the dashboard. If you can still reach wp-admin from a different network (mobile data, or a VPN that gives you a different IP), go to Security > Dashboard, find the Active Lockouts card, select the entry, and click Release Lockout. If you cannot get in at all, you have two server-side options: Database: in phpMyAdmin, open your site database and find the table named {prefix}_itsec_lockouts, then delete the row containing 94.59.210.68. Take a quick database backup first. WP-CLI (if you have SSH access): wp itsec lockout release $(wp itsec lockout list –search=94.59.210.68 –field=id) As a last resort, adding this single line to wp-config.php disables all Kadence Security modules immediately so you can log back in. Remove it again once you are in: define(‘ITSEC_DISABLE_MODULES’, true); To stop this happening again: Authorize your own IP. Under Security > Settings > Global Settings there is an Authorized IPs list, plus a button to temporarily authorize your current IP for 24 hours. With your IP listed there, you will still be notified of attempts but will not be locked out yourself. Reconsider the lockout length. Under Security > Settings > Global Settings > Lockouts, the “Minutes to Lockout” setting controls how long a lockout lasts (the default is 15 minutes). A very long value is what turns a routine lockout into a real locked-out-of-your-own-site problem, so a shorter period is usually safer. Reduce failed logins at the source by using a strong password and enabling Two-Factor Authentication, so legitimate logins do not trip the limit. Full reference: https://www.liquidweb.com/help-docs/software/kadence/solid/security/release-lockouts/ Let me know if that IP turns out to be yours and you are still stuck after trying the above. Best regards, Pawel P. Liquid Web Software Support
Hi @hypeitupnowcoach , That notification is Kadence Security’s brute force protection doing its job: the IP 94.59.210.68 hit too many failed login attempts in a row, so it was temporarily locked out. Most of the time these are bots trying stolen passwords, and the notification is just confirmation the protection is working. The first thing to figure out is whether that IP is actually yours, because that decides whether you need to do anything at all. To check, open https://www.whatismyip.com from the same device and network you use to manage the site. If it shows 94.59.210.68, then the lockout landed on your own connection (you, or someone on your network, mistyped the login enough times to trip it). If it shows a different IP, the lockout was an outside attempt and you can safely ignore it. If it is your IP and you are locked out, here is how to get back in. The quickest route is releasing the lockout from the dashboard. If you can still reach wp-admin from a different network (mobile data, or a VPN that gives you a different IP), go to Security > Dashboard, find the Active Lockouts card, select the entry, and click Release Lockout. If you cannot get in at all, you have two server-side options: Database: in phpMyAdmin, open your site database and find the table named {prefix}_itsec_lockouts, then delete the row containing 94.59.210.68. Take a quick database backup first. WP-CLI (if you have SSH access): wp itsec lockout release $(wp itsec lockout list –search=94.59.210.68 –field=id) As a last resort, adding this single line to wp-config.php disables all Kadence Security modules immediately so you can log back in. Remove it again once you are in: define(‘ITSEC_DISABLE_MODULES’, true); To stop this happening again: Authorize your own IP. Under Security > Settings > Global Settings there is an Authorized IPs list, plus a button to temporarily authorize your current IP for 24 hours. With your IP listed there, you will still be notified of attempts but will not be locked out yourself. Reconsider the lockout length. Under Security > Settings > Global Settings > Lockouts, the “Minutes to Lockout” setting controls how long a lockout lasts (the default is 15 minutes). A very long value is what turns a routine lockout into a real locked-out-of-your-own-site problem, so a shorter period is usually safer. Reduce failed logins at the source by using a strong password and enabling Two-Factor Authentication, so legitimate logins do not trip the limit. Full reference: https://www.liquidweb.com/help-docs/software/kadence/solid/security/release-lockouts/ Let me know if that IP turns out to be yours and you are still stuck after trying the above. Best regards, Pawel P. Liquid Web Software Support