# Active Lockouts Log

The active Lockout table provides a list of all lockouts that are currently active and enabled. It contains the IP address, login name, how many attempts were made (Count), and when the lockout will expire (Expires in minutes).

## **Event Logs**

This is a log of all login attempts for your website.

### Table Definitions

**Time:** the time the attempt was recorded (using the time configured on your site).

**IP:** IP address associated with the attempt.

**Gateway:** The URL that was used by the attack.

**Login:** Username that was used in the attack.

**Rule:** The rule that was triggered. It’s either allow or deny.

**Reason:** There are quite a few different statuses available here:

* **ip\_acl\_temp\_local\_deny** – IP blocked temporary for this site only
* **ip\_acl\_temp\_network\_deny** – IP blocked temporary for the group of sites this site belongs to
* **ip\_acl\_local\_deny** – IP blocked by allow/deny rules for this site only
* **ip\_acl\_network\_deny** – IP blocked by allow/deny rules for the group of sites this site belongs to
* **ip\_lockout\_allow\_expired** – IP allowed b/c its lockout period has expired
* **ip\_lockout\_allow\_below\_limit** – IP allowed b/c the number of attempts is below limit
* **ip\_lockout\_deny** – IP is locked out b/c the number of attempts is above limit
* **ip\_acl\_xmlrpc\_deny** – IP is locked out b/c the XML-RPC gateway is closed
* **login\_acl\_local\_pass** – attempt allowed b/c of a local login pass rule
* **ip\_acl\_local\_pass** – attempt allowed b/c of a local ip pass rule
* **all\_acl\_none** – there were no allow/deny rules matching the request
* **country\_acl\_local\_allow** – the country is allowed for this site
* **country\_acl\_local\_deny** – the country is denied for this site
* **ip\_acl\_temp\_none** – IP is not blocked temporary
* **all\_acl\_local\_allow** – both IP and login are allowed by allow rules for this site only
* **all\_acl\_network\_allow** – both IP and login are allowed by allow/deny rules for the group of sites this site belongs too
* **login\_acl\_network\_deny** – login is blocked by a deny rule for the group of sites this site belongs too
* **login\_acl\_local\_deny** – login is blocked by a deny rule for this site only

**Pattern:** A username that you listed, an IP or range of IPs, a country. This is an entity based on which the decision was made to allow or deny an attempt.

**Attempts Left:** How many attempts are left for the IP at the time the attempt happened.

**Lockout Duration:** How many minutes are left before the IP is unlocked automatically, at the time the attempt happened.

**Actions:** You can add or remove IPs and logins to/from your allow/deny lists.

### **Icons definitions for actions:**

**Open Red Lock** – Unlock IP (release an active automatic lockout)

**Red Plus Sign** – Add IP Or Login To Deny Rules

**Red Minus Sign** – Remove IP Or Login From Deny Rules

**Green Plus Sign** – Add IP Or Login To Allow Rules

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.limitloginattempts.com/plugin-settings/advanced-settings/ip-logs/active-lockouts-log.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.