Somehow the firewall (WAF) interpreted the super-admin as attempting to hack. He gets the firewall message for blocked by bad behavior.
It was set to block for 24 hours.
He renamed main.php so he could get in, and he set WAF to not block for bad behavior.
Is the 24-hour lock maybe still in effect? How can we turn it off?
He white-listed his own IP address. That did not work.
He changed the lockout time to 1 minute (and then waited 1 minute), and that did not work.
He was setting geo-blocking at the time. The first time he got locked out, he had geo-blocked his own country.
After that, the bad behavior block kept locking him out. So the only way is with main.php renamed.
It was set to block for 24 hours.
He renamed main.php so he could get in, and he set WAF to not block for bad behavior.
Is the 24-hour lock maybe still in effect? How can we turn it off?
He white-listed his own IP address. That did not work.
He changed the lockout time to 1 minute (and then waited 1 minute), and that did not work.
He was setting geo-blocking at the time. The first time he got locked out, he had geo-blocked his own country.
After that, the bad behavior block kept locking him out. So the only way is with main.php renamed.
