XF 1.5 Login Error

Within the past week, several of our members have complained that when logging in they are getting a message saying that their account is locked because they exceeded the number of failed login attempts allowed. However, they are sometimes getting it the first time they login, or they are getting it after only one failed attempt. This tells me that either something is not working correctly with the login system, or else a person or bot is trying to brute force members' accounts.

First, is there anything that might cause that error to come up when it shouldn't?

Second, is there a good way to keep track of failed Xenforo logins?


XenForo developer
Staff member
The login attempts are tracked based on IP. This tells me that you likely have something preventing the real user IP from being seen by the server. I'd guess a reverse proxy like CloudFlare.

Failed logins aren't exposed anywhere in the UI, though they are temporarily tracked directly in the DB.