Trying to login into wp-admin is redirecting me to https://safe-load.gotmls.net/ with a ‘NO SESSION’ error.
It doesn’t look like my files have been modified, and I’ve tried logging in from multiple locations.
Any help would be great.
Disabling GOTMLS via renaming its subdirectory allowed me in – but would love to understand what happened.
I am very sorry for my extremely late reply, I didn’t get any notification of any posts around this time.
The optional Brute-Force Login Protection checks for valid session before allowing WordPress to authenticate the user if the server is unable to create a persistent session for that user then the login is rejected. If you refresh your login page and you still get that error with the Brute-Force Protection enabled then there must be something wrong with the session files on your server, because otherwise you would not have been able to enable that feature in the first place.
Now that you can log into your wp-admin you can try enabling my plugin again but then go to the Firewall Settings and disable the Brute-Force Login Protection. Once it has been disabled you can try enabling it again, which should only work if the session capabilities on your server are function properly.
