I went to sleep last night with my website being perfectly fine, and when I woke up, I attempted to view it, and the page (thejatimes.ml) redirected me to Infinityfree where it read,
403 Forbidden
The website’s configuration prevents you from accessing this page.
I checked my IP Deny on my website cPanel and apparently, the IP address ‘all’ is blocked from coming to my website! I didn’t do this! Was my account hacked? PLEASE HELP! EMERGENCY!
-Blogger Joe
Update: It’s working now, but when I try to block an IP that I suspect belongs to a hacker with the IP Blocker cPanel feature, it reads,
Error, 9385928349285635786 please contact supportError, 9385928349285635786 please contact support
So, that’s what I’m doing.
Please help.
Thanks in advance,
-Blogger Joe
Error #403 normally came from your files’ privileges or .htaccess file, see Wikipedia page about error 403
Regarding your concern about hacker, it would be best to change your password on both InfinityFree and Cloudflare (if necessary).
As fellow user of InfinityFree, to be honest I didn’t use cPanel’s IP Blocker feature at all. Please wait for Admin to reply to this thread
The IP Blocker tool is just a frontend to setting .htaccess rules. I’ve checked your .htaccess and it looks like there are already some blocking rules in there from WordFence. So might be able to block IP addresses through WordFence’s interface, or add .htaccess rules like deny from <ip address> manually.
I just tried logging in through the administrative login url, and my IP has been blocked… I don’t know what to do…
@Blogger_Joe said:
I just tried logging in through the administrative login url, and my IP has been blocked… I don’t know what to do…
I checked your .htaccess file and I don’t see anything which could block your IP address. And I can’t even find where your WordPress admin is. It’s possible that your security settings are a bit too secure and you locked yourself out, but I don’t know what concoction of security plugins you have, let alone which would block you and how.
Turns out that it was a plugin that had blocked me from the administrative url and the IP that I thought was malicious was apparently owned by Cloudflare, who I use.
Thanks again for all the help.
-Blogger Joe