EPSS
Percentile
33.9%
The function check_is_login_page() uses headers for the IP check, which can be easily spoofed.
Set HTTP_CLIENT_IP to bypass blocks / use allowed IP addresses.