diff --git a/src/Config/Auth.php b/src/Config/Auth.php
index 9df36cd77..d938cb46c 100644
--- a/src/Config/Auth.php
+++ b/src/Config/Auth.php
@@ -159,7 +159,7 @@ class Auth extends BaseConfig
      * Record Last Active Date
      * --------------------------------------------------------------------
      * If true, will always update the `last_active` datetime for the
-     * logged-in user on every page request.
+     * logged-in user on every page request, provided the user is activated and not banned.
      * This feature only works when session/tokens/hmac/chain/jwt filter is active.
      *
      * @see https://codeigniter4.github.io/shield/quick_start_guide/using_session_auth/#protecting-pages for set filters.
diff --git a/src/Filters/HmacAuth.php b/src/Filters/HmacAuth.php
index fd2123c04..37d1ae991 100644
--- a/src/Filters/HmacAuth.php
+++ b/src/Filters/HmacAuth.php
@@ -45,10 +45,6 @@ public function before(RequestInterface $request, $arguments = null)
                 ->setJSON(['message' => lang('Auth.badToken')]);
         }
 
-        if (setting('Auth.recordActiveDate')) {
-            $authenticator->recordActiveDate();
-        }
-
         // Block inactive users when Email Activation is enabled
         $user = $authenticator->getUser();
         if ($user !== null && ! $user->isActivated()) {
@@ -59,6 +55,10 @@ public function before(RequestInterface $request, $arguments = null)
                 ->setJSON(['message' => lang('Auth.activationBlocked')]);
         }
 
+        if (setting('Auth.recordActiveDate')) {
+            $authenticator->recordActiveDate();
+        }
+
         return $request;
     }
 
diff --git a/src/Filters/SessionAuth.php b/src/Filters/SessionAuth.php
index 2063f240d..2a3f87e0a 100644
--- a/src/Filters/SessionAuth.php
+++ b/src/Filters/SessionAuth.php
@@ -52,10 +52,6 @@ public function before(RequestInterface $request, $arguments = null)
         $authenticator = auth('session')->getAuthenticator();
 
         if ($authenticator->loggedIn()) {
-            if (setting('Auth.recordActiveDate')) {
-                $authenticator->recordActiveDate();
-            }
-
             // Block inactive users when Email Activation is enabled
             $user = $authenticator->getUser();
 
@@ -76,6 +72,10 @@ public function before(RequestInterface $request, $arguments = null)
                 }
             }
 
+            if (setting('Auth.recordActiveDate')) {
+                $authenticator->recordActiveDate();
+            }
+
             return;
         }
 
diff --git a/src/Filters/TokenAuth.php b/src/Filters/TokenAuth.php
index 473d5cc8d..a5230b774 100644
--- a/src/Filters/TokenAuth.php
+++ b/src/Filters/TokenAuth.php
@@ -61,10 +61,6 @@ public function before(RequestInterface $request, $arguments = null)
                 ->setJSON(['message' => lang('Auth.badToken')]);
         }
 
-        if (setting('Auth.recordActiveDate')) {
-            $authenticator->recordActiveDate();
-        }
-
         // Block inactive users when Email Activation is enabled
         $user = $authenticator->getUser();
         if ($user !== null && ! $user->isActivated()) {
@@ -74,6 +70,10 @@ public function before(RequestInterface $request, $arguments = null)
                 ->setStatusCode(Response::HTTP_FORBIDDEN)
                 ->setJSON(['message' => lang('Auth.activationBlocked')]);
         }
+
+        if (setting('Auth.recordActiveDate')) {
+            $authenticator->recordActiveDate();
+        }
     }
 
     /**