User IP being blocked but can't find it in block list

Hi we have a user who cannot login when they are on their normal IP address. They can login with a proxy and then go back to their normal IP and view the site as usual. However when they try to login when on their normal IP address they keep getting

Your login attempt has been blocked. Reason: Too many failed login attempts.

So I assume this is a CB issue because that alert message is generated in CB. However when I look up the bans I have searched the IP address, and every IP address on the users profile and none of them are blocked so we are kind of stumped as to what is going on.

We have Google reCaptcha on our login form could this be causing a potential issue? They did mention that the reCaptcha was causing problems for them before and now this error is getting displayed for them however reCaptcha is working fine.

They attempted to login X times and failed to do so so they were automatically blocked. Whether that actually generates a block in the database is dependent on if you configured it to do so. By default it does not and simply denies future login attempts until a configured time has passed since their last login attempt. You can see their attempts within CB AntiSpam > Attempts. You can configure all of this within CB AntiSpam > Parameters > Login > Auto Block. There is also auto blocking feature for Captcha, Registration, and Forgot Login.

Hi Kyle

If a user is blocked after X amount of attempts shouldn't it say in CB that their account is blocked? I have checked the configuration under CB AntiSpam > Parameters > Login > Auto Block and it has been enabled the block duration should only be for one hour.

The user can still log in if he on another IP Address (using a VPN) it's just his main IP which seems to be causing the issue.

If a user is blocked after X amount of attempts shouldn't it say in CB that their account is blocked?

No, not unless you set it to create a block. By default it just denies the login attempt and saves your database the storage and query.

The user can still log in if he on another IP Address (using a VPN) it's just his main IP which seems to be causing the issue.

Check within CB AntiSpam > Attempts for the IP Address being blocked. You can see how many attempts were made there for that IP Address. VPNs conceal a users IP Address so more than likely multiple people are using the same VPN company and are all being funneled through the same IP Address. There's nothing I can implement to do anything about this. The VPN is working exactly as it should. It's up to you how you want to handle that (e.g. disable login blocking, increase the attempt limit, decrease the block time, whitelist the VPN ip address, etc..).

The defaults for login auto blocking are 5 failed login attempts within a month results in 1 hour of denied logins. All attempts should clear on the next successful login from that ip address. Continuing to make failed attempts resets the time on the block. They need to make a successful login attempt after 1 hour of being blocked. However, it does appear the timeframe parameter isn't working entirely correctly. It's supposed to reset the attempts if the next attempt is outside of the timeframe, but that doesn't seam to be the case and will fix, but that'd only cause an issue if they failed to login, hit the attempt limit, and came back like 2 months later and failed again.

forge.joomlapolis.com/issues/6730