How to fix “Jetpack has locked your site’s login page”

You have downloaded Jetpack plugin for your WordPress site. Then, enabled it. After few days you find that on your favourite web browser, when you log in to WordPress login page for writing articles, or moderate comments, then you will have to login into WordPress administration the front end of WordPress website.

Suddenly, you find that Jetpack has locked your site’s login page for so-called security violations.

In the later stage of this article, you will find the screenshot about it. The message would be like this.

“Jetpack has locked your site’s login page.
Your IP address ***.**.***.** has been flagged for potential security violations. You can unlock your login by sending yourself a special link via email.”

After this, there is space for your email so that Jetpack would probably send the message to solve mechanisms to solve this problem. You put the mail id on the specified field on that space. Then you receive the message from Jetpack.

Then you check the inbox of yours the email account you specified. You find the following message.

Unlock your site
Clicking the link below will allow you to either attempt additional login attempts or change your password for your WordPress site for 15 minutes from the IP address ***.**.***.** (Austin, United States).

Then you click on the Log in the link provided in the link. The message of the outbound link as follows.

{“error”:”Bad Request”,”message”:”Invalid input.”}

So what is the solution to this problem where Jetpack has locked your site for so-called security violations? This article is all about it.

How to solve “Jetpack has locked your site’s login page”: First, you need to whitelist server’s IP address inside security settings of Jetpack. There are three ways to whitelist your site’s server address.

You can enter IP or IPV6 address of your website by logging into Jetpack account which is, of course, WordPress account, then go to, of course,

SETTINGS>SECURITY>BRUTE FORCE ATTACK PROTECTION

Above mentioned step only be possible if you can access your site and log in to WordPress Admin from another computer and another web browser. Go to WordPress.com account and then go to

MY SITES>SETTINGS>SECURITY>PREVENT BRUTEFORCE LOGIN ATTACKS

There put your IP address. Then whitelist it. When you log in to yours’s site’s WordPress Admin address you can find the message of Jetpack with your’s site’s IP address. Put the same IP address to whitelist.

If you are the geek and very well at dealing with WordPress from the side of the backend that is through hosting or cPanel then you can follow these instructions to edit wp-config.php file in the following way.

Open wp-config.php file of WordPress from its root installation and back it up on your local computer. Then, open it in edit mode and here we will add constant in the name of JETPACK_IP_ADDRESS_OK

Add following parameter at the end of wp-config.php file.

define('JETPACK_IP_ADDRESS_OK', 'X.X.X.X');

The protect function of jetpack enabled WordPress site is to block suspicious looking sign in activities. In this way, most of the brute force attackers who use trial and error methods to log into your WordPress admin failed.

This security feature activated for your’s site when you installed jetpack plugin through either front end or through the back end of your self-hosted WordPress website. It aimed to block suspicious looking botnet logins to block unwanted login attempts on your website.

In this article, we learn about how to unlock your’s site’s front end login administration when it is locked out due to Jetpack. We learn about how to remove this either through login into WordPress administration through other computers by logging to WordPress front end.

This feature is an important feature for WordPress considering the importance of WordPress.WordPress has been major attacks source from hackers. The second method is to log in to WordPress.com site which is the login for the jetpack. In the end the full proof. Yet, the carefully crafted method is to enter into the back end of WordPress that is on the hosting site.

Conclusion:

In this way, you can certainly unlock yours website login page and at the same time, you can secure your’s site login page. Generally, your’s site login page is can easily be the target of hackers. This article one at the same time let you understand the importance of security as well as the ways to unlock your site from the perspective of login into your own self-hosted WordPress website.

This entry was posted in WordPress on by .

This post contains a whopping 852 words.

Leave a Reply

You have to agree to the comment policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.