WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[resolved] Better WP Security broke my System (16 posts)

  1. JohnSaund
    Member
    Posted 1 year ago #

    I can no longer get into my Admin becaues of Better WP Security. Backup was a nice options, to bad no one thought of a RESTORE option.

    http://wordpress.org/extend/plugins/better-wp-security/

  2. Handoko
    Member
    Posted 1 year ago #

    What was the error message? What have you done that cause the problem? We need more information, it hard for us to guess.

  3. JohnSaund
    Member
    Posted 1 year ago #

    Can not login to Admin - Access Denied. So that means I could not do anything about it from the system side. Did not know I had a problem until I rebooted the Server. Reinstalled full system backup, but the plugin was still there so Deleted the plugin folder and reset permalinks. Now I have to go into the databases and figure that out because it isn't 100%. Five minutes to install and setup, 3 days of.....

    Thanks for the reply.

    LOL on What have your done that caused the problem?

  4. Handoko
    Member
    Posted 1 year ago #

    I guess you have enabled certain features on the plugin which is not compatible with your server environment or other plugins.

    Read here if you want to know more:
    http://wordpress.org/support/topic/it-seems-very-risky-to-use-this-plugin

  5. JohnSaund
    Member
    Posted 1 year ago #

    Yes you are probably right as that is what testing is all about.

    The article you reference is very good however in this case when you can not access your admin you can not do any of those things. That is the kicker here. Now with the plugin delete I can get into the system but some things are left behind and I get timed out by my own system. I'm at a loss because even my browsers Chrome and Firefox are timing me out. Anyway I can only guess I am going to have to rebuild the whole site from scrach, last time I did that the backup plugin you referenced didn't work that well, picked up the docs but missed the images and over 600 of them that is a big deal.

    Thank you for your response I will let you know what happens unless you can come up with a better idea.

  6. jpw94
    Member
    Posted 1 year ago #

    if you chose "hide" admin login (admin slug) then perhaps you could remember what you chose. so, instead of wp-admin it is what you chose as the admin slug.

    If ou cannot remember, you'll probably need to log into our hosting site and edit the database to recover the admin name (or re-set it) and reset the login password.

  7. Handoko
    Member
    Posted 1 year ago #

    @JohnSaund:

    For IP ban test, you should ask someone (who his IP is different with you) to perform the hacking attempts (login or intrusion). So you will still able to access your admin, only the IP of your friend will be blocked/banned.

  8. JohnSaund
    Member
    Posted 1 year ago #

    Jpw94 thanks, but I know I didn't get to that one however I am heading to the databases next.

    Handoko: The site works from the outside world, it was me that can't get in on my own network or if I am sitting at the Server. However I can't do what you recommend as the plug-in isn't active, I assume that is what you mean.

    I will go and look at the _BWPS_Lockouts dababase and see what is what. I read Chris's blog on fixing Better WP Security Lockouts and thought to myself that really wouldn't help a noob as he won't know how to open a database.

    What would happen if I reinstalled the plugin now, It was manually removed two days ago and I reset my .htsaccess and wp_config.php. If I reinstall will the changes to the database be restructured as a basic install? Hopefully clearing out whatever has caused me problems.

    The only reason I want to do this is because I have three days of articles each day backup but so was the plugin settings so going back beyond what would be 5 or six days now would mean I could loose that data. I don't just backup the application I backup the whole system much easier and much faster. But now have to re-think that.

  9. Handoko
    Member
    Posted 1 year ago #

    ...it was me that can't get in on...
    What did you do that cause yourself being blocked from your website?

    What would happen if I reinstalled the plugin...
    In somes cases you might be blocked immediately if you reinstall the plugin. You need to perform clean uninstallation to avoid it (see item no. 2):
    http://wordpress.org/support/topic/after-log-in-screen-goes-blank

  10. JohnSaund
    Member
    Posted 1 year ago #

    "..it was me that can't get in on...
    What did you do that cause yourself being blocked from your website?"

    I rebooted the Server after installing Better WP Security. I'll get back to you on clean uninstall.

  11. JohnSaund
    Member
    Posted 1 year ago #

    Okay I have flushed the wp_bwps_lockouts and Log tables.

    I have removed from wp-content:
    _bwps_data
    _bwps
    _file_log
    _bwps_instrusion_warning

    I had already dealt with .htaccess and wp_config.

    So I watch and see what happens the next couple of days.

    As the plugin isn't install right now can I drop wp_bwps_lockouts and wp_bwps_log tables? Hopefully giving me a clean system for the next attempt, which I will pay more attention to the warnings this time.

    Thanks

  12. Handoko
    Member
    Posted 1 year ago #

    If you have uninstalled (or deleted the plugin folder), you may also drop the wp_bwps_lockouts and wp_bwps_log tables.

    It should give you a clean installation for the next attempt. But for better peace in mind, you may do backup before starting the installation.

    Note:
    I should say sorry, because there was a wrong post yesterday. I was answering several posts and I was carelessly posted the wrong thing here.

  13. JohnSaund
    Member
    Posted 1 year ago #

    Thanks Handoko,

    I didn't take offence by any writings, besides I have a thick skin.

    Okay at this point system is clear, new backup system running everyday along with daily system backup. I'm almost ready to try it again.

    Thanks for your patients and guidance.

    One point, when I was reading the helps, reference to SQL commands something like this SELECT * FROM "wp-content" works in phpmyadmin but not in a terminal. Using mysql> "wp-context" won't have the quotes or at least on my Linux system it doesnt. Could cause confusion I guess.

  14. Handoko
    Member
    Posted 1 year ago #

    Glad to know you didn't take offense.

    Have you started the installation? What is the result? It should working correctly without break your website.

    I'm not very proficient about SQL, never know about the quote problems. I used it in my phpmyadmin and it worked. Sorry that caused your confusion.

  15. realhcm
    Member
    Posted 10 months ago #

    I change my wordpress web to other hosting and have the problem when I export my SQL, the Error is:
    -- Table structure for table wp_bwps_lockouts
    --
    CREATE TABLE IF NOT EXISTS wp_bwps_lockouts (

    id INT( 11 ) NOT NULL AUTO_INCREMENT ,
    type INT( 1 ) NOT NULL ,
    active INT( 1 ) NOT NULL ,
    starttime INT( 10 ) NOT NULL ,
    exptime INT( 10 ) NOT NULL ,
    host VARCHAR( 20 ) DEFAULT NULL ,
    user BIGINT( 20 ) DEFAULT NULL ,
    PRIMARY KEY ( id )
    ) ENGINE = MYISAM DEFAULT CHARSET = latin1 AUTO_INCREMENT =234;

    How I can fix it? Thanks you

  16. Handoko
    Member
    Posted 10 months ago #

    Have you tried to disable or even better uninstall the plugin before start the moving process.

    I had some bad experiences moving websites to different web hostings. And I know now, the chances of success is higher if we uninstall most of the plugins which are easy to configure before start the moving process, especially security and caching plugins. Plugins are hard to configure (usually the ones related with theme, appearance and contents) should kept.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.