• Melly

    (@melissaod)


    Hello. I noticed last night in your plugin’s “User Security” section that 465 users were logged in to my website. When I looked closer, I saw that all 465 users had the exact same IP address. I checked the IP on the AbuseIPDB website and saw that the IP was malicious. When I bulk checked all 465 and applied the force logout all function, it froze then brought me to the white screen of death.

    So I went back and once again bulk checked all 465 but this time used the force logout of selected, it again brought me to the white screen of death. So I went back and tried only selecting 5 then selecting force logout of selected and was again brought to the white screen of death. I had no choice then but to force logout of all 465 individually.

    This was extremely time consuming. Not only that, why is it even allowed for there to be so many logged in users with different names but with the exact same IP address? That should be an obvious red flag. Please fix the force logout function with bulk selection and let me know how I can prevent hundreds of users with the same IP from staying logged in, using up my server resources and posing possible malicious attacks simultaneously.

    Thank you for your time and assistance.

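    The red flag Melly describes (many distinct accounts logged in from one client address) can be turned into a check over a session export. The script below is an added Python example, not code from this thread or from the AIOS plugin; the session records, the threshold of three accounts per address and the trusted 10.20.0.0/16 range are constructed assumptions. It groups sessions by IP, skips address ranges that are known to be shared legitimately, and returns both the addresses worth putting on a block list and the usernames whose sessions should be ended.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample of active-session records in the shape a "logged-in users"
# export gives: (username, client IP, login time). Not real data from this thread.
SESSIONS = [
    ("melly",    "198.51.100.7", "2024-05-01T08:00:00"),
    ("jsmith",   "192.0.2.44",   "2024-05-01T08:10:00"),
    ("user8831", "203.0.113.9",  "2024-05-01T09:00:00"),
    ("user8832", "203.0.113.9",  "2024-05-01T09:00:01"),
    ("user8833", "203.0.113.9",  "2024-05-01T09:00:02"),
    ("user8834", "203.0.113.9",  "2024-05-01T09:00:03"),
    ("office1",  "10.20.0.5",    "2024-05-01T07:55:00"),
    ("office2",  "10.20.0.5",    "2024-05-01T08:02:00"),
    ("office3",  "10.20.0.5",    "2024-05-01T08:30:00"),
]

# Assumed: ranges where many legitimate users share one egress address
# (an office NAT, a VPN concentrator). Sessions from these are never flagged.
TRUSTED_SHARED = [ip_network("10.20.0.0/16")]


def accounts_by_ip(sessions):
    """Map each client IP to the sorted list of distinct usernames seen from it."""
    seen = defaultdict(set)
    for username, ip, _login_time in sessions:
        seen[ip].add(username)
    return {ip: sorted(users) for ip, users in seen.items()}


def is_trusted(ip, trusted):
    """True if `ip` falls inside one of the trusted shared-address networks."""
    addr = ip_address(ip)
    return any(addr in net for net in trusted)


def flag_shared_ips(sessions, threshold=3, trusted=TRUSTED_SHARED):
    """Addresses with at least `threshold` distinct accounts logged in, excluding
    trusted shared ranges. Returns [(ip, [usernames])], most accounts first."""
    flagged = [
        (ip, users)
        for ip, users in accounts_by_ip(sessions).items()
        if len(users) >= threshold and not is_trusted(ip, trusted)
    ]
    return sorted(flagged, key=lambda item: (-len(item[1]), item[0]))


def logout_targets(flagged):
    """Sorted, de-duplicated usernames whose sessions should be force-logged-out."""
    return sorted({user for _ip, users in flagged for user in users})


if __name__ == "__main__":
    hits = flag_shared_ips(SESSIONS)
    for ip, users in hits:
        print(f"{ip}: {len(users)} accounts -> block-list candidate")
    print("force-logout:", ", ".join(logout_targets(hits)))
```

    One check before acting on the result: if the site sits behind a CDN or reverse proxy and the plugin records the connecting address rather than the forwarded client address, every session will appear to come from the proxy and this rule would flag everyone. Confirm that the stored IP is the real client address, and, as the support reply below notes, that no legitimate users share it, before adding it to a block list.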

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @melissaod,

    Sorry for the inconvenience. Yes, the Force Logout bulk action currently has an issue. It has been identified and a solution is being worked on internally. However, it is still under review and will be included in an upcoming AIOS release.

    Regarding the 465 users being logged as malicious activity, please check AIOS > Dashboard > Audit Log and review the Successful Login event stack trace. This should show which page was used for login. Was it the site My Account page or another page? Please let me know.

    You may also consider using CAPTCHA or similar measures to prevent bots from automatically logging in or registering.

    If the activity is coming from a specific IP address and blocking it will not affect legitimate users, you can blacklist it via AIOS > Firewall > Block and Allow List.

    Regards

    Thread Starter Melly

    (@melissaod)

    Hello. It happened again with hundreds of user registrations under different names but same IP address. Here’s one of the traces:

    array(19) {
      [0]=>
      array(6) {
        ["file"]=>
        string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
        ["line"]=>
        int(341)
        ["function"]=>
        string(12) "record_event"
        ["class"]=>
        string(33) "AIOWPSecurity_Audit_Event_Handler"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [1]=>
      array(6) {
        ["file"]=>
        string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
        ["line"]=>
        int(365)
        ["function"]=>
        string(13) "apply_filters"
        ["class"]=>
        string(7) "WP_Hook"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [2]=>
      array(6) {
        ["file"]=>
        string(49) "/home/collec26/public_html/wp-includes/plugin.php"
        ["line"]=>
        int(522)
        ["function"]=>
        string(9) "do_action"
        ["class"]=>
        string(7) "WP_Hook"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [3]=>
      array(4) {
        ["file"]=>
        string(118) "/home/collec26/public_html/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-audit-events.php"
        ["line"]=>
        int(603)
        ["function"]=>
        string(9) "do_action"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [4]=>
      array(6) {
        ["file"]=>
        string(123) "/home/collec26/public_html/wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-user-registration.php"
        ["line"]=>
        int(51)
        ["function"]=>
        string(23) "event_user_registration"
        ["class"]=>
        string(26) "AIOWPSecurity_Audit_Events"
        ["type"]=>
        string(2) "::"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [5]=>
      array(6) {
        ["file"]=>
        string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
        ["line"]=>
        int(343)
        ["function"]=>
        string(39) "aiowps_user_registration_action_handler"
        ["class"]=>
        string(31) "AIOWPSecurity_User_Registration"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [6]=>
      array(6) {
        ["file"]=>
        string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
        ["line"]=>
        int(365)
        ["function"]=>
        string(13) "apply_filters"
        ["class"]=>
        string(7) "WP_Hook"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [7]=>
      array(6) {
        ["file"]=>
        string(49) "/home/collec26/public_html/wp-includes/plugin.php"
        ["line"]=>
        int(522)
        ["function"]=>
        string(9) "do_action"
        ["class"]=>
        string(7) "WP_Hook"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [8]=>
      array(4) {
        ["file"]=>
        string(47) "/home/collec26/public_html/wp-includes/user.php"
        ["line"]=>
        int(2654)
        ["function"]=>
        string(9) "do_action"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [9]=>
      array(4) {
        ["file"]=>
        string(88) "/home/collec26/public_html/wp-content/plugins/woocommerce/includes/wc-user-functions.php"
        ["line"]=>
        int(174)
        ["function"]=>
        string(14) "wp_insert_user"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [10]=>
      array(4) {
        ["file"]=>
        string(92) "/home/collec26/public_html/wp-content/plugins/woocommerce/includes/class-wc-form-handler.php"
        ["line"]=>
        int(1167)
        ["function"]=>
        string(22) "wc_create_new_customer"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [11]=>
      array(6) {
        ["file"]=>
        string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
        ["line"]=>
        int(341)
        ["function"]=>
        string(20) "process_registration"
        ["class"]=>
        string(15) "WC_Form_Handler"
        ["type"]=>
        string(2) "::"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [12]=>
      array(6) {
        ["file"]=>
        string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
        ["line"]=>
        int(365)
        ["function"]=>
        string(13) "apply_filters"
        ["class"]=>
        string(7) "WP_Hook"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [13]=>
      array(6) {
        ["file"]=>
        string(49) "/home/collec26/public_html/wp-includes/plugin.php"
        ["line"]=>
        int(522)
        ["function"]=>
        string(9) "do_action"
        ["class"]=>
        string(7) "WP_Hook"
        ["type"]=>
        string(2) "->"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [14]=>
      array(4) {
        ["file"]=>
        string(42) "/home/collec26/public_html/wp-settings.php"
        ["line"]=>
        int(764)
        ["function"]=>
        string(9) "do_action"
        ["args"]=>
        array(1) {
          [0]=>
          string(0) ""
        }
      }
      [15]=>
      array(4) {
        ["file"]=>
        string(40) "/home/collec26/public_html/wp-config.php"
        ["line"]=>
        int(105)
        ["args"]=>
        array(1) {
          [0]=>
          string(42) "/home/collec26/public_html/wp-settings.php"
        }
        ["function"]=>
        string(12) "require_once"
      }
      [16]=>
      array(4) {
        ["file"]=>
        string(38) "/home/collec26/public_html/wp-load.php"
        ["line"]=>
        int(50)
        ["args"]=>
        array(1) {
          [0]=>
          string(40) "/home/collec26/public_html/wp-config.php"
        }
        ["function"]=>
        string(12) "require_once"
      }
      [17]=>
      array(4) {
        ["file"]=>
        string(45) "/home/collec26/public_html/wp-blog-header.php"
        ["line"]=>
        int(13)
        ["args"]=>
        array(1) {
          [0]=>
          string(38) "/home/collec26/public_html/wp-load.php"
        }
        ["function"]=>
        string(12) "require_once"
      }
      [18]=>
      array(4) {
        ["file"]=>
        string(36) "/home/collec26/public_html/index.php"
        ["line"]=>
        int(17)
        ["args"]=>
        array(1) {
          [0]=>
          string(45) "/home/collec26/public_html/wp-blog-header.php"
        }
        ["function"]=>
        string(7) "require"
      }
    }
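    The trace above is PHP var_dump() output of a backtrace, and the support answer that follows reads it by hand to find the registration entry point. As an added Python example (not code from this thread, from WordPress or from the AIOS plugin), the script below parses such a dump into frames, prints the call chain entry point first, lists the plugins whose files appear on the path, and reports where a given function was invoked. In a PHP backtrace each frame's file and line are the place that frame's function was called from, which is why wp_insert_user resolves to wc-user-functions.php:174. The embedded SAMPLE_TRACE is a constructed abridgement of the posted trace (three of its nineteen frames, with the "args" block kept on one frame only).

```python
import re
from dataclasses import dataclass

# Constructed sample: three of the nineteen frames from the var_dump() trace
# above, in var_dump() layout ("args" kept on one frame only).
SAMPLE_TRACE = """array(3) {
  [0]=>
  array(3) {
    ["file"]=>
    string(88) "/home/collec26/public_html/wp-content/plugins/woocommerce/includes/wc-user-functions.php"
    ["line"]=>
    int(174)
    ["function"]=>
    string(14) "wp_insert_user"
  }
  [1]=>
  array(5) {
    ["file"]=>
    string(56) "/home/collec26/public_html/wp-includes/class-wp-hook.php"
    ["line"]=>
    int(341)
    ["function"]=>
    string(20) "process_registration"
    ["class"]=>
    string(15) "WC_Form_Handler"
    ["type"]=>
    string(2) "::"
  }
  [2]=>
  array(4) {
    ["file"]=>
    string(36) "/home/collec26/public_html/index.php"
    ["line"]=>
    int(17)
    ["args"]=>
    array(1) {
      [0]=>
      string(45) "/home/collec26/public_html/wp-blog-header.php"
    }
    ["function"]=>
    string(7) "require"
  }
}"""

INDEX_RE = re.compile(r'^\[(\d+)\]=>$')          # [N]=> : a new frame (at depth 1)
KEY_RE = re.compile(r'^\["(\w+)"\]=>$')          # ["file"]=> : a key inside a frame
STR_RE = re.compile(r'^string\(\d+\) "(.*)"$')   # string(N) "value"
INT_RE = re.compile(r'^int\((\d+)\)$')           # int(N)
PLUGIN_RE = re.compile(r"/wp-content/plugins/([^/]+)/")
FIELDS = {"file": "file", "line": "line", "function": "function", "class": "cls"}

@dataclass
class Frame:
    file: str = ""        # file and line are where this frame's function was CALLED
    line: int = 0
    function: str = ""
    cls: str = ""         # PHP class for method calls, else empty

def parse_var_dump_backtrace(text):
    """Turn var_dump() output of a PHP backtrace into a list of Frame objects."""
    frames, depth, current, key = [], 0, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        str_match = STR_RE.match(line)
        if depth == 1 and INDEX_RE.match(line):        # top-level [N]=> opens a frame
            current = Frame()
            frames.append(current)
        elif depth == 2 and current is not None:       # key/value pairs of that frame
            key_match = KEY_RE.match(line)
            if key_match:
                key = key_match.group(1)
            else:
                value = str_match or INT_RE.match(line)
                if value and key in FIELDS:            # nested "args" (depth 3) is skipped
                    setattr(current, FIELDS[key],
                            int(value.group(1)) if key == "line" else value.group(1))
        if not str_match:                              # braces inside quoted strings are data
            depth += line.count("{") - line.count("}")
    return frames

def call_chain(frames):
    """Calls in execution order, entry point first: 'Class::func' or 'func'."""
    return [f"{f.cls}::{f.function}" if f.cls else f.function for f in reversed(frames)]

def plugins_in_trace(frames):
    """Plugin slugs whose files appear on the path, outermost caller first, no repeats."""
    slugs = []
    for f in reversed(frames):
        m = PLUGIN_RE.search(f.file)
        if m and m.group(1) not in slugs:
            slugs.append(m.group(1))
    return slugs

def caller_of(frames, function):
    """'file:line' from which `function` was invoked, or None if it is not in the trace."""
    for f in frames:
        if f.function == function:
            return f"{f.file}:{f.line}"
    return None
```

    Run against the full nineteen-frame trace, plugins_in_trace() reports both the security plugin (whose audit hook recorded the event) and woocommerce, and the chain runs from index.php through WC_Form_Handler::process_registration and wc_create_new_customer to wp_insert_user, which is the basis for the support reply's conclusion that the WooCommerce registration form is the entry point being abused.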
    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @melissaod,

    It seems the WooCommerce registration page is being used.

    Can you please add a captcha for it, if possible, to stop bot registration?

    Please keep checking, and if possible, blacklist that IP?

    Regards

    Thread Starter Melly

    (@melissaod)

    I tried using the captcha but after setting the captcha on, I wasn’t able to log in to WordPress Admin anymore. The captcha wasn’t giving me anything to solve so it would not validate. Hence, I had no choice but to remove the captcha.

    • This reply was modified 3 days, 21 hours ago by Melly. Reason: response
    Plugin Support hjogiupdraftplus

    (@hjogiupdraftplus)

    Hi @melissaod,

    Generally, enabling CAPTCHA for the WordPress admin login page should display the CAPTCHA field and validate on submit. Which CAPTCHA are you using? If you have a caching plugin that caches the login page, please exclude it.

    There are separate options to enable CAPTCHA for WooCommerce registration and login forms. You should disable CAPTCHA on the WordPress login page and then check whether the issue with the bot user registration persists.

    Regards
