WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
Good but need to use with caution (2 posts)

3 stars
  1. jdaviescoates
    Member
    Posted 1 year ago #

    This is a great plugin but lots of its features breaks lots of other plugins/ themes and/or lock you out of your site, generate 500 errors etc (this happened to me many times - it wasn't a problem really, I just had to keep reverting .htaccess back to how it was before this plugin changed it).

    In short, takes a bit of time to get to know, but works well once configured for your set-up.

  2. Bill Karkavos
    Member
    Posted 1 year ago #

    hello,

    so regarding your suggestion

    "
    Another suggestion:

    When BWPS plugin is not allowed to directly edit core files, append something to the email notifications about having to go and manually edit them yourself.

    e.g. I just got the following message:

    A host, 95.227.198.80(you can check the host at http://ip-adress.com/ip_tracer/95.227.198.80) has been locked out of the WordPress site at http://mysite.com parmanently due to too many login attempts. You may login to the site to manually release the lock if necessary.

    The wording is a bit mislead because until I manually update the .htaccess file myself (I'm presently not allowing the plugin to directly edit files - in part to learn what it actually does) that IP will NOT be locked out.

    This could be made a lot more obvious, e.g. by chaning the text and including something about needing to edit the file yourself if BWPS security is configured to not be able to edit files directly.
    "

    in this thread http://wordpress.org/support/topic/suggestions-and-bwps-40?replies=25

    which i totally second as it being more than misleading.

    as also this message "Settings Saved. You will have to manually add rewrite rules to your configuration. See the Better WP Security Dashboard for a list of the rewrite rules you will need."

    that comes up when you manually input a host ip you want to ban in the backend of the plugin.

    When it says configuration does it mean i have to manually edit the .htaccess file, wp-config.php file or both?

    and if in the beginning i did not allow BWPS to be able to edit the files directly, added some host ip in the ban area of the plugin and then let BWPS to edit files, are those IPs locked out?

    Thank you in advance!

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.