WordPress.org

Ready to get started?Download WordPress

Forums

124

iThemes Security (formerly Better WP Security)
[closed] How to RESET iThemes Security plugin to fix issues (113 posts)

  1. Viktor Nagornyy
    Member
    Posted 3 months ago #

    As many others, a few of our websites got screwed by iThemes Security "upgrade". We had login issues where we were redirected to homepage.

    There issue is somewhere in the database, it gets screwed up with an upgrade. I did not have time trying to figure out the problem, that's for the plugin developers. BUT, I needed to fix sites. So here's how I fixed my sites by resetting this plugin's database.

    This is not for the faint of hearts, it requires some technical knowledge to edit your database tables.

    BACKUP DATABASE! BACKUP DATABASE! BACKUP DATABASE!
    Use phpMyAdmin to export your database. See Google for details or
    see this article http://www.techrepublic.com/blog/smb-technologist/import-and-export-databases-using-phpmyadmin/

    INSTRUCTIONS
    1. Through FTP or cPanel file manager, go to /wp-content/plugins/
    2. Rename "better-wp-security" folder to something else like "better-wp-security2"
    3. Plugin is disabled and your admin is back working.
    4. Now, the reset. You need to access your database, ideally through phpMyAdmin interface in your control panel (cPanel).
    5. If you have many websites, locate your correct database for the website you're working on. You can match database name to the name inside wp-config.php file.
    6. Click database name to select and load it.
    7. On the right side you will see a list of tables.
    NOTE: THIS IS A GOOD TIME TO BACKUP/EXPORT YOUR DATABASE. YOU'VE BEEN WARNED.
    8. Delete tables with "itsec" - see screenshot
    http://i.imgur.com/PHLITDW.png
    9. Go to your "options" table, click it.
    10. Sort by "option_name" by clicking the header, and making sure you got rows sorted A-Z.
    11. Find option_name rows starting with letter I.
    12. Look for "itsec" options. See screenshot.
    http://i.imgur.com/MTqTn4h.png
    13. Select all of them. If you're at the end of the current page, make sure you delete options and check next page to make sure you get them all.
    14. Once you delete these options. Go back to FTP/File Manager.
    15. Rename folder back to it's original name "better-wp-security".
    16. Login to your UNBROKEN website using normal wp-login.php URL.
    17. Go to Plugins and activate this nasty plugin back.
    18. It should be fine, you HAVE TO GO THROUGH SETTINGS AGAIN and set it up to protect your WordPress. We deleted all settings!
    19. Carry on WordPressing.
    20. Still here? Go.

    It fixed our homepage redirect issue, but it may fix other issues as well that you might be experiencing. Please be careful and test.

    :)

    https://wordpress.org/plugins/better-wp-security/

  2. LisaA
    Member
    Posted 3 months ago #

    Thank you!

    Now if we only knew what caused the problem to begin with so we didn't choose the same options again.

  3. Davee_Boi
    Member
    Posted 3 months ago #

    Worked for me, thank you very much. Luckily I only have one more site using the plugin, might hold off upgrading until the next version arrives!

    Thanks again Viktor.

  4. Viktor Nagornyy
    Member
    Posted 3 months ago #

    You're welcome. Lucky you, I had about a dozen to go through ha!

  5. maniaka
    Member
    Posted 3 months ago #

    DonĀ“t work for me, i "work" before read your solution. :(

  6. Viktor Nagornyy
    Member
    Posted 3 months ago #

    maniaka, are you still having a problem with your website? Did you start a thread for your problem I can see?

  7. wpinklady
    Member
    Posted 3 months ago #

    Hi, Viktor:

    First of all, thank you so much for the helpful information, so glad I found it here.

    It is so confuse for the recently upgraded iThemes Security plugin and caused so many problems. I just upgraded to the latest version a few minutes ago, but after that, the whole site was locked out with an "error" blank page showing up. After restored db, the whole site came back, but then again. I did several times restored, but got the same thing again and again, currently, deactivated the plugin, the whole site runs normally.

    After I read through your article, I have questions, can you answer for me? Really appreciate it!

    - Is there any "risk" for: Delete tables with "itsec" & Delete "itsec" options??? What are these steps really for? Do those tables and data no longer useful for new iThemes Security?? Would like to know what those for? Can you explain more?

    I have to deactivate the plugin to prevent further lock out the whole site, but I would like to understand more before do anything.

    Thanks again for the helpful article, really appreciate it. Hope I will get answer from you soon.

  8. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Hi wpinklady,

    All plugins add some sort of information to WordPress database to save settings, information, etc. This plugin does this too. Unfortunately, when you deactivate plugin - in most cases - database entries are not deleted and remain in the database.

    For some reason, new version of iThemes Security has issues with database entries created by Better WP Security plugin.

    The only way to fix it, is to remove old entries and allow plugin to add new entries once you re-activate it again. When you simply re-activate plugin now, it does NOT override those entries. It simply uses them, breaking your website.

    That's why deleting them fixes the issues.

    There's always some risk when you mess with database, but if you follow my instructions carefully (including backing up database), you should not have any issues. As long as you don't delete any other stuff, you'll be fine.

    Hope that explains it.

  9. wpinklady
    Member
    Posted 3 months ago #

    Hi, Viktor:

    Thank you so much for answering my questions, really appreciate it. I will follow your instructions and will let you know if it works or not. Thanks again for your quick respond, really appreciate it.

  10. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Sure thing :)

  11. wpinklady
    Member
    Posted 3 months ago #

    Hi, viktor:

    Questions:

    After followed your instructions, deleted those tables and data, go back to back end and reset settings. Question: will those tables disappear forever, is that correct??? If not, then what went wrong???

    And, more problem, after reactivated and reset settings, why it forced back end to https, which this site does not have SSL? And, then locked out from back end, until restore the org. wp config file.

    Now, getting even more problems.....getting more headache....:(

    What should I do next??? Now, I have to deactivate this plugin again....

  12. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Hi,
    When you delete those tables, they do disappear. BUT, when you reactivate plugin new tables are created.

    SSL issue as far as I read in other threads (since I did not have that issue) is related to either wp-config.php file and/or htaccess file.

    1. Make sure your htaccess file has standard code like this, delete everything else:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    If that's what you have already, or it still doesn't fix. Next step.

    2. Check your wp-config.php file.
    Make sure you don't have these:

    define( 'FORCE_SSL_LOGIN', true );
    define( 'FORCE_SSL_ADMIN', true );

    If you do, delete them.

    If you followed above steps, and removed database entries correctly, and it still does not work. Then it's possible it might be having a conflict with something else either theme or plugin.

    I do assume your WordPress version is up-to-date, at least 3.8. If not, then it is possible outdated version has issues with new plugin.

  13. wpinklady
    Member
    Posted 3 months ago #

    Hi, viktor:

    Question: after reactivated, the table did not recreate, so.....um.....weird.....did I do something wrong?????

    The htaccess looks the same, I guess it did change the wp config file, because after I changed it back to the one before reactivated the plugin, then I can go to the back end to deactivate the plugin again.

    Let me try one more time.....

    Anyway, have to say thank you so much for your really really quick respond, I do really appreciate it.

  14. frustrated999
    Member
    Posted 3 months ago #

    Really hesitating updating this extension in case the update borks the one site I have it already installed on. I have held off upgrading any other sites because of the buggy plugin.

  15. wpinklady
    Member
    Posted 3 months ago #

    Hi, viktor:

    Redo, so far so good.....(yes, the tables did recreate), will wait to see if they really work (please don't lock out this time.....).

    Another issue:
    I posted several days ago (but no one replied), regarding this plugin conflicts with WooCommerce, don't know if the latest version will work with WooCommerce well or not?

    Viktor, thank you very much for your help today, it's really really helpful!! :)

  16. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Hi, you're welcome. Hope it does work.
    Not sure about woocommerce, since one issue I had with it was resolved after I reset database. So see if woocommerce issue is fixed after all is good with the plugin.

    I saw a thread that latest versions of this plugin fixed some of the issues with woocommerce and other stuff. So upgrade to latest version is in order. "Technically" upgrade should work fine now, without locking anyone out. I will be upgrading this weekend all our client websites, so I guess I'll find out :)

  17. wpinklady
    Member
    Posted 3 months ago #

    Hi, Viktor:

    I haven't touched the woocommerce site today yet, but will do "the same thing (above)" to the woocommerce site later this week. Hopfully the latest version of iThemes Security will go with Woocommerce smoothly. Will see.....

    If I find any issue(s), will come back here and look for answers. Thank you, Viktor!

  18. Prabincha
    Member
    Posted 3 months ago #

    It seems it is working as Viktor says, I just renamed the better security folder in wp-contents to something else. It gave me access to domain.com/wp-admin where I could log in and get to the dashboard. I found that the iThemes Security was deactivated, I deleted the plugin and now reinstalling it again. Hope it works well.

    Thanks to Vikotr, as I tried different things changing .htaccess but didn't succeed.

  19. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Simply re-installing and re-activating plugin will NOT delete old database entries and you might be locked out again. If that does happen again, follow the instructions to remove database entries.

    When you activate plugin and database entries are present, it simply uses them - it does NOT override them.

  20. LisaA
    Member
    Posted 3 months ago #

    I agree with Viktor, I went through this over and over again with several websites I have the Security plugin installed on and had the same problem on all the sites until I used Viktor's instructions and cleaned out the database and started over.

    His solution works but you have to do the whole thing, rename the folder and clean out the database.

    Thanks again Viktor! I spent hours messing around with this until I found your post.

  21. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Glad I could help Lisa.

  22. edubz15
    Member
    Posted 3 months ago #

    I've deleted all db tables and instances and followed your instructions but I can still not get into the plugins section on the backend. Only getting Internal server error. Please... any ideas?

  23. Viktor Nagornyy
    Member
    Posted 3 months ago #

    That error sounds like htaccess issue. Make sure you htaccess file looks like this, delete everything else.

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress
  24. edubz15
    Member
    Posted 3 months ago #

    Yeah, I thought maybe that too but it wasn't, I removed all except your above from my .htaccess file but still the same results.

  25. silenx
    Member
    Posted 3 months ago #

    Same here .. htaccess fix not work on 4.0.12 .. 2 site of 2 with the blank page on the custom-login-slug

  26. Viktor Nagornyy
    Member
    Posted 3 months ago #

    edubz, check your wp-config file for anything extra. They do add some stuff in there sometimes. Internal server error is related to hosting so you might be able to get your hosting company to provide support for that. I know they will at least tell you what's causing it. Also, one thing you can try, rename .htaccess to htaccess.txt to disable it. See if that helps.

    silenx, did you delete database entries, made sure htaccess and wp-config files are clean/standard? When plugin is disabled, custom slug won't work. So wp-login.php will work.

  27. wonderwoman2
    Member
    Posted 3 months ago #

    Thank you Viktor - you have been a lifesaver :-)

  28. tuas2k
    Member
    Posted 3 months ago #

    thanx, really appriciate, last 24 hrs have been terrible for my blood preassure. my wordpress still is a bit slow, but at last i can see it (front end and back end)

  29. tmrait
    Member
    Posted 3 months ago #

    Victor, you are my hero...
    My problem was that the wp-login kept redirecting to https:// and I couldn't find any solution. Came across your post and followed all your steps but I still couldn't login, then you post:-

    2. Check your wp-config.php file.
    Make sure you don't have these:

    define( 'FORCE_SSL_LOGIN', true );
    define( 'FORCE_SSL_ADMIN', true );

    If you do, delete them.

    worked - all good now, thank you so much.

    PS Loved Better WP Security - not so loving iThemes Security - will wait before reactivating plugin. Good luck to everyone having problems.

  30. Viktor Nagornyy
    Member
    Posted 3 months ago #

    Hi tmrait, if you deleted all database entries I mention, you should be safe re-activating it. I had no issues. But you never know though.

124

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.