#39717 Problems after upgrading to Joomla 4.4.0

Posted in ‘Admin Tools for Joomla! 4 & 5’

Environment Information

Joomla! version: 4.4.0
PHP version: n/a
Admin Tools version: 7.4.3

Latest post by nicholas on Tuesday, 31 October 2023 03:18 CDT

LAMF

Hi,

I have updated 10+ sites to Joomla 4.4.0 and on all sites it works just fine except for one.

I simply can't login after updating to J 4.4.0.

I have to go and rename the plugins/system/admintools/services/provider.php in order to regain access to backend again.

I have tried several times but it doesn't seem to work.

I have a client on this site as well that needs to do updates to his weekly dinner menus and he has problems every Sunday to login.

After I log in he seems to regain access to his backend again. I have given him Super User credentials as that was the only option that seemed to work. But still every Sunday he calls me and can't login to backend.

What can I do in Admin Tools to get it working?

nicholas
Akeeba Staff
Manager

Nothing has changed in Joomla! 4.4.0 which could have that effect. Instead, go to Blocked Requests Log and check if there are blocked requests for that user. It is very likely that they trigger the protection either because they do not use the Administrator Secret URL Parameter or by entering their password wrong triggering Treat failed logins as a reason for blocking the request.

Beyond that, they might be triggering Monitor Super User accounts (disable, save, re-enable, save again to reset its internal list of Super User accounts) or Forbid frontend Super Administrator login (if you are using linked sessions in Global Configuration OR if something is stuck in Joomla's session —I have a site where this happened— you need to turn this off).

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

LAMF

I have checked the Blocked requests Log and I found many attempts from him to login today which is no oddity as he has really tried many times.

As soon as I had logged in (without problems) from two different computers using both his and my credentials, he could log in again.

So after that I made an Akeeba backup and then I installed the Joomla 4.4.0. After that I can't login as long as the provider.php is enabled = has its real name.

As soon as I rename it to whatever I can login again. This is still the status.

I have given him all the instructions he needs in order to log in correctly and still this happens.

But right now I have the problem that Joomla 4.4.0 is locking me out as soon as I have Admin Tools provider.php enabled.

Your second suggestion is something I don't fully understand, sorry I don't understand what you mean.

nicholas
Akeeba Staff
Manager

> and I found many attempts from him to login today which is no oddity as he has really tried many times.

You imply that you are seeing a Reason of Login Failure. Ignoring this nonchalantly and claiming it's not a factor to this problem is wrong and tells me you have not read the documentation recently, or you didn't quite understand how Admin Tools works.

The reason of “Login Failure” means your client is entering the wrong username and/or password and you've configured Admin Tools to treat this failed login as a blocked request.

Because of this configuration a login failure counts as a blocked request, therefore it counts towards the IP Auto-ban count you have configured.

When your client fails to login as many times as the configured limit of blocked requests (“Block IP after this many blocked requests”) in the configured time period (“Time period”) his IP address is blocked for the configured amount of time (“Block duration”).

Moreover, if you've enabled the “Add persistent offenders to the IP Disallow List” feature and he got the same IP blocked more times than the configured amount (“Permanently disallow IP after this many automatic blocks”) his IP address would have been permanently blocked, which explains why he cannot access the site at all.

When an IP address is temporarily or permanently blocked you can always use the Unblock IP button in the Web Application Firewall page to unblock it. Disabling Admin Tools is not a valid solution. You also need to train the client not to enter the wrong username and password so many times, e.g. train them how to use their browser's password manager to store the correct username and password, and use said password manager to log into their site.

If you cannot train the client to enter the correct username and password consistently you can always go to Admin Tools, Web Application Firewall, Configure WAF, Hardening Options, and turn off “Treat failed logins as a reason for blocking the request” so that their continued failed attempts to log in do not count as blocked requests, therefore do not result in their IP address getting blocked. 

However, this would be the last resort if you ask me. Based on personal experience, you can train anyone to use a password manager, as long as you use terms that resonate with them. For instance, more people understand “your computer can remember how to get into your site, so you don't have to” far better than “we're going to use a password manager to auto-fill the login credentials”. Personification of technology is a valid teaching method for non-technical users.

> Your second suggestion is something I don't fully understand, sorry I don't understand what you mean.

I just told you which Admin Tools, Web Application Firewall, Configure WAF options may be involved in your issue if you don't see a blocked request in the Blocked Requests Log. However, this is not the case, so that part does not apply to you.

If the Reason you saw in the Blocked Requests Log is not Login Failure but something else please tell me what the Reason is, and also what is the Target URL you see next to it so I can help you further.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!
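
The counting described in the reply above, as a small Python model added here for illustration; it is not part of the ticket and not Akeeba's code. Only the quoted setting names come from the thread; the sample values, the rolling time window and the behaviours marked as assumptions in the comments are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class AutoBanModel:
    # Sample values chosen for the demo; they are not Admin Tools defaults.
    count_failed_logins: bool = True  # "Treat failed logins as a reason for blocking the request"
    max_blocked: int = 3              # "Block IP after this many blocked requests"
    period: int = 60                  # "Time period", in seconds
    duration: int = 900               # "Block duration", in seconds
    permanent_after: int = 2          # "Permanently disallow IP after this many automatic blocks"
    recent: dict = field(default_factory=dict)         # ip -> times of counted requests
    blocked_until: dict = field(default_factory=dict)  # ip -> end of temporary block
    auto_blocks: dict = field(default_factory=dict)    # ip -> number of automatic blocks
    disallowed: set = field(default_factory=set)       # permanent IP Disallow List

    def failed_login(self, ip, now):
        """Record one failed login at time `now` (seconds); return the IP's state."""
        if ip in self.disallowed:
            return "permanently disallowed"
        if now < self.blocked_until.get(ip, 0):
            return "temporarily blocked"  # assumption: not counted again while blocked
        if not self.count_failed_logins:
            return "not counted"
        window = [t for t in self.recent.get(ip, []) if now - t < self.period]
        window.append(now)
        self.recent[ip] = window
        if len(window) < self.max_blocked:
            return "logged"
        self.recent[ip] = []  # assumption: the count restarts after an automatic block
        self.auto_blocks[ip] = self.auto_blocks.get(ip, 0) + 1
        if self.auto_blocks[ip] >= self.permanent_after:  # assumption: reaching the limit suffices
            self.disallowed.add(ip)
            return "permanently disallowed"
        self.blocked_until[ip] = now + self.duration
        return "temporarily blocked"

    def unblock(self, ip):
        """Stand-in for the manual "Unblock IP" action; assumed to clear all records."""
        self.disallowed.discard(ip)
        for table in (self.recent, self.blocked_until, self.auto_blocks):
            table.pop(ip, None)

def replay(model, ip, times):
    """Feed a list of failed-login times to the model and collect the states."""
    return [model.failed_login(ip, t) for t in times]

# Constructed sample: one client mistyping a password from 203.0.113.7 (documentation range).
SAMPLE_TIMES = [0, 10, 20, 30, 1000, 1010, 1020, 5000]

if __name__ == "__main__":
    for t, state in zip(SAMPLE_TIMES, replay(AutoBanModel(), "203.0.113.7", SAMPLE_TIMES)):
        print(f"t={t:>4}s  {state}")
```

With these sample settings, three mistyped passwords inside a minute produce a temporary block, and a second burst after that block expires puts the address on the permanent list until someone unblocks it by hand.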

LAMF

Hi Nicholas,

Thank you for your reply.

I am NOT nonchalant, I am just not even close to being an expert in security and therefore I need your support. You always used to be of superior help and fast support which is why I use your excellent services.

But I have not read the full documentation, sorry for that. I have only installed Admin Tools and I haven't done any extra configuration from setting the login url, I would never dare to do so as I know that is asking for problems. So what I was meaning to say is that I do not understand what your suggestion means, I don't have the knowledge to understand that. Sorry for this but I am not an expert like you guys are. 

I understand that his attempts to login have caused a block on him. I also think that he is not using a password manager like I always do and that can be a problem for sure. I keep asking him what he is doing that causes him not being able to login and he always says I have done the same procedure as always... sigh.

The thing I can think of is that when I added him as a user there were problems to add more users in the backend so I disabled Admin Tools in order to add him as a user. As far as I understand this is not a way to go but I did so and I suppose that is what is causing Admin Tools to block him. But how can I make a second user without disabling Admin Tools? I want Admin Tools to protect and I understand that in order for it to fully protect it shouldn't allow backend user registration just like that so if I want to add a user and then engage Admin Tools to fully protect after how can I do so?

With this specific site there are also problems since I upgraded to Joomla 4.4.0, I can't simply login as long as Admin Tools is enabled. I always have to rename the .../services/provider.php to provider-blabla.php to disable it. And that is of course very bad. I don't know how to solve this and need help.

Sorry forgot to mention, I don't think this is so crucial but I upgraded to Joomla 5.0 as this works on other of my sites without hassles and that Admin Tools and Akeeba Backup support that. But it didn't change the issues that the 4.4.0 upgrade caused with the login blocking.

LAMF

Hi again,

I tried to uninstall the Admin Tools package which worked fine. Then I reinstalled it and started to run the Quick set-up wizard.

I set up the Administrator secret URL parameter and the username and password. Tried to press Save but only got this after a couple of minutes of waiting:

504 Gateway Time-out

The server didn't respond in time.

nicholas
Akeeba Staff
Manager

Did you follow the troubleshooting documentation about the .htaccess file?

Nicholas K. Dionysopoulos

Lead Developer and Director


LAMF

Yes I did, I didn't find any .htacces or .htpasswd in the administrator directory so I created two empty .htacces and .htpasswd and uploaded them to the administrator directory.

And then I tried again to run the Quick Setup Wizard but it still won't save the changes I do in the wizard. The only changes I do is to set up the Administrator secret URL parameter and Password-protect Administrator.

I have tried again to uninstall Admin Tools package and reinstall it but it seems to be impossible now.

nicholas
Akeeba Staff
Manager

That's not what I asked you. I asked you if you checked “Locked out of my site after applying a .htaccess using Admin Tools' .htaccess Maker”.

Now you did something else which I am not sure exactly what it is and you maybe have a different problem for which you provide no further information or error message.

When you ask us to do support we have to ask a few troubleshooting questions to establish the ground truth and narrow down the problem and help you. This works by finding out what is the effect of each troubleshooting step we propose, so we can eliminate possibilities.

When you take random actions we have not asked you to carry out, and which drastically change the ground truth of the site, between replies it makes it impossible for us to do that. Essentially, you are asking us to start from scratch every time you send a reply.

Worse than that, you don't provide exact problem descriptions and error messages which makes even that impossible. If we ask for that information you will again do something random before replying, therefore the information we get is unusable by the time you send it to us, and off we start from scratch again.

We can't keep doing that. It's not a good use of your time or ours. It's unlikely we can help you with anything when we are not allowed to do effective support and are asked to guess the problem, with just the one chance to be right. That's impossible for any professional asked to operate in an information-poor environment.

I am closing this ticket now. If you have a concrete problem you want help with, and understand you need to stop doing random changes to your site while we're helping you, you may open a new ticket.

Nicholas K. Dionysopoulos

Lead Developer and Director

