Forgot my password and now my IP is banned?

Trying to login to my Concrete web site and I tried multiple times to guess which password I’d used. Tried to ask for a password re-set but no email arrived. Then, after a couple more attempts to login, I got a message saying my IP had been banned and contact the administrator for the site ( which is me).
So, if I am the admin and my IP is banned am I now locked out of my own site? How do I get back in? Why doesn’t the “password reset” email work?
Thanks for any help.

I think by default ip bands are only 5mins. The time can be set in the dashboard.

Thank you Tim,
So not a permanent ban then? That’s good.
Do you know why the “Forgot password” system is not working? It has not sent me a reset email. Perhaps it uses the “system” email address that is created by default when a new installation of Concrete is made?
It’s frustrating being shut out of my new site. No doubt down to my own stuidity and advancing years.

Solved it:
I managed to fix this by editing my site’s details from cPanel (Softalicious Installations). I changed the username and password and saved changes. Now I can login to my site using the new username & password.
One remaining annoyance is that there is no “Sign In” area on my site’s footer. I have to use http://www.example.com/index.php/login to find a login window.
I still don’t understand the problem with the “Forgot Password” function? Maybe it never worked?
Thanks for the help.

The default settings of Concrete about how emails should be delivered rarely work out of the box.
You have to configure the way emails should be sent (there’s the SMTP settings in the dashboard page that lets you do that).

@mlocati Shouldn’t the basic PHP mail send those password reset emails? I’ve never really had that fail on initial setup BUT you have far more experience than I.

It all depends on your hosting provider: in some cases you can use the default settings (that is, use the default mail() function), in some cases you have to specify an external SMTP server.

In any case, the first thing to be done after installing concrete is to check if sending emails works (for example to be sure that you can use the “forgot email”).

a tip I use sometimes: ask for re-sending the password and if you don’t get the mail but have access to the db (e.g. with phpmyadmin or similar tools) look at the last record of the log table where you may intercept the link to redo your access

2 Likes

@mnakalay has a great article on his site for this.

1 Like

Thank you very much for that link Tim. I have had good help in the past from Nour Akalay

@wulbert if you don’t want to wait for 5mins for the IP-ban to be lifted you can also use the ConcreteCMS CLI to clear the ban. Comes in handy when a client locks him/her self out.

php concrete/bin/concrete c5:denylist:clear

To see the options for this command you can do /concrete/bin/concrete c5:denylist:clear -h

1 Like