Banhammer Pro is a powerful weapon in the fight against threats and attacks. Banhammer Pro features built-in measures to prevent accidentally banning yourself, however there are limited scenarios where self-banning is possible. This post explains how to restore access if you accidentally ban your own IP Adress, User Agent, or whatever the case.

Whoops! How do I get back in?

Worst-case scenario say you accidentally ban yourself. As site admin, it is easy to restore access. Follow these steps:

  1. Download the Banhammer Unlock plugin
  2. Upload the Unlock plugin to your server at: /wp-content/mu-plugins/
  3. If the /mu-plugins/ directory does not exist, go ahead and create it
  4. After uploading the plugin, Banhammer will be disabled, so you can log in and restore access via the Tower
  5. Once you have restored access, delete the Banhammer Unlock plugin from the server
  6. After deleting the Unlock plugin, Banhammer once again will be enabled

Alternately, if you banned yourself by IP address, you can bypass the ban by using a trustworthy proxy service to log in to your site.


Here is the download link for the Unlock (must-use) plugin:

Tips for not banning yourself

Please be careful not to ban yourself when using Banhammer. The Basic Settings are powerful; use them wisely. Here are some things that can help mitigate any accidents:

  • Be mindful when monitoring traffic; always know your own IP address and WP username.
  • Disable the setting “Login Page”, so you always have access to the Login Page.
  • Enable the setting “Ignore Users”, so you always can access the Tower, and your own visits will not be logged in the Armory.
Pro Tip: In the Armory, you can click on the IP Address or Host Name to do a quick whois lookup.

With great power..

Please be careful not to ban any important IP addresses. Before banning some target, verify the IP and host name. Verifying the IP address is important because you do not want to accidentally ban major search engines and services. A good way to verify any IP address is to do a reverse lookup. The result should match the host name. For an example of how to verify a bot, check out this article at Perishable Press.