Admin password entered more than 3 times wrong / admin locked

erich37

My webmaster entered the wrong password (more than 3 times) to access the Admin-ACP for my website. He just told me he was locked out of the Admin because he entered the wrong PW more than 3 times.

How do I get back into the Admin-ACP? Is there a certain time frame after which the "lock" gets released again?

Appreciate your help!
 
It should clear after 15 minutes.

Alternatively he can try logging right out and logging back in via the front end, solving the CAPTCHA as necessary.

If you're comfortable with SQL, you can run this query:
Code:
TRUNCATE TABLE xf_login_attempt

Or he can click on the lost password link and reset it that way.
 
Thank goodness for google search!
 
What could cause this problem under normal running?

I've been constantly running the MySQL truncate above since upgrading to XF 2.2.2.

It's a problem for member logins too (not limited to admin logins).
 
I can confirm with existing and new accounts it's random while logged in. Feels more like a cookie/session type issue. It's multiple users / computers / browsers. I'm wondering what might be wrong or missed. It's definitely not bad passwords for all. Consider the PHP upgrade too. Anything come to mind?
 
If there's some sort of reverse proxy involved that is leading to an incorrect IP address being logged for users, that could cause it to happen unexpectedly. You can check the IPs that are logged on recent posts or in the online user list. If those aren't what you expect, that should be investigated (and ideally resolved at the web server level, though it is possible to make adjustments in XF's config.php).
 
OK, that's it. What's the config.php fix? I'm behind an AWS ELB and have my HTTPS handled there. When checking posts I'm seeing a backend RFC1918 IP logged instead of my public IP. I'm not sure when that changed. The upgrade would not have done that and I'm probably only noticing now because I'm more active during the upgrade / troubleshooting. I'm checking a few posts and they're all related to adding a proxy, but that doesn't seem like it would fix the fact I'm seeing the wrong IP to begin with. Looking back at some older posts of my forum this wasn't a problem in April 2020, so it's within the last several months that AWS made the change.

Update: This post is the fix: https://xenforo.com/community/threa...ancers-private-ip-address.162663/post-1335994

Update: It was something lost in the upgrade, I had a similar fix in my previous config.php that didn't get preserved. Looks like backend memcached type stuff was dropped too?
 
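When every visitor is logged under the load balancer's private address, failed logins from all users count against that one address, which is why the lockout in this thread hit members who never mistyped a password. The sketch below is an added example, not code from this thread, from the linked post, or from XenForo: it restores the client address in config.php, but only when the direct peer is the proxy, so a forged header cannot be used to choose the address that lockouts are counted against. Assumptions: 64-bit PHP, IPv4 between proxy and web server, a load balancer that appends the address it saw as the last X-Forwarded-For entry, an application that reads `$_SERVER['REMOTE_ADDR']`; `TRUSTED_PROXY_CIDRS`, `ipv4InCidr` and `resolveClientIp` are hypothetical names.

```php
<?php
// Added example, not XenForo code. The CIDR list is a placeholder: narrow it
// to the subnets your load balancer nodes actually use.
const TRUSTED_PROXY_CIDRS = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'];

function ipv4InCidr(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr);
    $ipLong = ip2long($ip);
    $netLong = ip2long($net);
    if ($ipLong === false || $netLong === false) {
        return false; // not IPv4: treat the peer as untrusted
    }
    $mask = -1 << (32 - (int) $bits); // assumes 64-bit integers
    return ($ipLong & $mask) === ($netLong & $mask);
}

function resolveClientIp(string $remoteAddr, ?string $forwardedFor): string
{
    $trusted = false;
    foreach (TRUSTED_PROXY_CIDRS as $cidr) {
        $trusted = $trusted || ipv4InCidr($remoteAddr, $cidr);
    }
    // A header from a peer that is not our proxy is client-controlled;
    // honouring it would let anyone pick the address lockouts are keyed on.
    if (!$trusted || $forwardedFor === null) {
        return $remoteAddr;
    }
    // Entries to the left were supplied by the client; only the rightmost
    // one was written by the trusted proxy.
    $hops = array_map('trim', explode(',', $forwardedFor));
    $candidate = end($hops);
    return filter_var($candidate, FILTER_VALIDATE_IP) !== false
        ? $candidate
        : $remoteAddr;
}

// Runs once per web request; skipped on the command line.
if (isset($_SERVER['REMOTE_ADDR'])) {
    $_SERVER['REMOTE_ADDR'] = resolveClientIp(
        $_SERVER['REMOTE_ADDR'],
        $_SERVER['HTTP_X_FORWARDED_FOR'] ?? null
    );
}
```

After deploying a change like this, recheck the IPs logged on recent posts, as suggested earlier in the thread: they should be public client addresses, not RFC1918 ones.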