- This topic has 3 replies, 2 voices, and was last updated 11 years, 5 months ago by
.
-
Posts
-
I had a new user subscribe and login from Amsterdam. He then logged in from Frankfurt. I blocked the 2nd IP via .htaccess Deny From … and he logged in from St Louis. I blocked all 3 IPs and deleted his user account.
In WP Security/User Login/Logged in Users all 3 IPs are still shown logged in.
I uploaded a blank index.php file to root and access to pages are blocked except for those already downloaded to browsers.
I put site in Maintencance mode using WP Security which will log out users however I had already deleted the user.
How do I force logout of the 3 IPs?
Thanks.
As soon as you blocked the IPs they are out of your site. They can’t do anything on your site if the IP address is blocked in the .htaccess file.
You can ignore what the “Logged in users” tab showing you. It has to get those info from WordPress and it is likely those session got stuck somehow and the plugin is showing them as logged in.
Thanks. I thought maybe even though they were blocked via .htaccess that they could go back in the browser to see pages they had already visited. Is this the case or not?
I also changed the SALT keys in the wp-config.php file to force all users to re-authenticate. Can you tell me if that forces them off the current page they are viewing and also prevents them seeing pages they have already visited that might be archived?
- You must be logged in to reply to this topic.