DevelopmentLinux

Unblock Yourself from Your WordPress Droplet After Too Many Failed Login Attempts

So you aren’t able to connect to your newly configured WordPress DigitalOcean Droplet (specifically Ubuntu WordPress 4.7 on 16.04) within 5 minutes of turning it on because you accidentally tried to log in to wp-admin with the wrong password too many times?

Well you’re one in a million. Luckily smart people like me, who would never do such a thing, are here to help.

ERR_CONNECTION_REFUSED

If you see this, you very likely are just as smart as I am.

First, you should disable your firewall with the command sudo ufw disable, oh wait, that’s what the other people claim fixes this issue, don’t do this 😉 .

What really happened is your IP was flagged, automatically, and dropped into the bad part of your iptables, which is what linux can use to allow and reject specific IP addresses, ranges, and ports. This droplet is pre-configured to ban people who are doing naughty things, you were being naughty by trying a bunch of passwords in wp-admin, so you got the axe!

What you want to do is check your iptables for your own IP address with the following command:

root@nickmanderfieldcom:~# iptables -L -v --line-numbers

This will return quite a bit of information, if you’re lucky, you’ll see your server protecting itself from potential compromises right off the bat (see the 116.31.116.23 down there? that’s a Chinese IP up to no good), and ultimately your own IP next to the words REJECT.

Chain INPUT (policy ACCEPT 433 packets, 34340 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1       92  7818 f2b-wordpress-soft  tcp  --  any    any     anywhere             anywhere             multiport dports http,https
2       37  4298 f2b-wordpress-hard  tcp  --  any    any     anywhere             anywhere             multiport dports http,https
3      600 52985 f2b-sshd   tcp  --  any    any     anywhere             anywhere             multiport dports ssh

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 362 packets, 32213 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain f2b-sshd (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1       31  2820 REJECT     all  --  any    any     116.31.116.23        anywhere             reject-with icmp-port-unreachable
2      569 50165 RETURN     all  --  any    any     anywhere             anywhere            

Chain f2b-wordpress-hard (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1       37  4298 RETURN     all  --  any    any     anywhere             anywhere            

Chain f2b-wordpress-soft (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1       55  3520 REJECT     all  --  any    any     cpe-13-37-01-010.new.res.rr.com  anywhere             reject-with icmp-port-unreachable
2       37  4298 RETURN     all  --  any    any     anywhere             anywhere      

Once you find your IP address (Line 24), simply take the Chain name (Line 22: f2b-wordpress-soft) and the line number of your IP (Line 24), and use it in this simple command: iptables -D chainrulename linenumber, so in my case I would enter:

root@nickmanderfieldcom:~# iptables -D f2b-wordpress-soft 1

Run the first command one more time just to make sure you’re off your own list, and voila, back into your own server you can go!

Join the discussion One Comment

Leave a Reply

Let's get in touch!

Nicholas Manderfield

Ecommerce + Internet Marketer

(920) 843-8442

chat@nickmanderfield.com

Currently Based in Appleton, WI