your ip has been flagged for security reasons – Jetpack

So I was troubleshooting the configuration on my server and removed all non-essential code. This meant that the proxy was not forwarding the IP address of visitors to the backend.

Imagine my surprise to try to login to post to the blog when I found access to admin blocked with “your ip has been flagged for security reasons find out more“. It had popped up in the login popup wordpress shows when your login has expired and clicking “find out more” does nothing beyond showing a rotating gif indicating loading.

Login blocked - Jetpack trolls bloggers

Luckily, I was logged into another blog on the same server which had Jetpack installed as well. Clicking another link on it gave me the same warning on the page instead of a popup and i was able to follow through to the Jetpack site for the explanation.

Login Blocked by Jetpack - The notice

Apparently to fix this, you have to add


to wp-config.php in the root of your wordpress blog. In my case, this was LOCALHOST!

Here’s my irritation with Jetpack.

  1. I have access to the server. What if any other user on the blog had tried to make a post?
  2. I don’t recall activating security. I have another plugin I use for security. I was not even aware that Jetpack offers security. How appropriate is it to activate something that can block access for potential users onto someone’s blog without consent?
  3. What sort of non-consensual inflicted code blocks access to localhost? Surely the forward facing IP and localhost at least ought to be whitelisted by default? Not according to Jetpack, it seems.

This is yet another straw piled onto my back about the ever bloating Jetpack plugin. One of these days, I’m going to take some time to configure alternatives and ditch them.






3 responses to “your ip has been flagged for security reasons – Jetpack”

  1. mohit kumar Avatar

    really informative. thanks a lot for providing us the solution of IP blocking issue.
    I tried whitelist method.

  2. Abhi Avatar

    HI, my activity log in WP android app is filled with failed login activity. I have one extra user and that too is inactive. It shows IP as…. am I under bruteforce attack?

    1. Vidyut Avatar

      IP is localhost.

Leave a Reply

Your email address will not be published. Required fields are marked *