I Can't Login After Installing Better WP Security, Even wp-admin link Broken
-
Hello,
Please Help me to remove Better Wp Security Plugin at any cost. Or To Suggest to resolve my problem, I did not Take backup before instaling this plugin, I already tried to remove through FTP but it did’t work.Please Guide me in full way.
I Thankful to u all
Please Help Me.
-
had the same problem.
couldn’t login anymore.
i’ve just deleted this pluginI had the same problem!!
Hi all.
The only solution to get back in to your site is to remove your .htaccess file which has been modified by BWPS.
I have experienced this problem with older versions but upgraded to BWPS 3.0.1 today which, again, rendered my site inaccessible.
The .htaccess file that crashes my site (giving a http 500 error) looks like this:
# BEGIN Better WP Security Options All -Indexes Order allow,deny Allow from all Deny from <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC] RewriteRule ^(.*)$ - [F,L] RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR] RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] RewriteCond %{QUERY_STRING} tag\= [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\: [NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare).* [NC] RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ RewriteRule ^(.*)$ - [F,L] # END Better WP Security
If someone could help out to identify what causes the http 500 error I’d be happy.
A few minutes later:
After having deleted almost every line in the BWPS generated .htaccess file I ended up with this, and my site is still inaccessible!
# BEGIN Better WP Security Options All -Indexes Order allow,deny Allow from all Deny from <IfModule mod_rewrite.c> RewriteEngine On # END Better WP Security
There has to be something seriously wrong happening when BWPS generates the .htaccess file, but I don’t know what it is…
The updated version seems to be working fine for me. Just thought I would share that.
Im using WP-buddypress and have same problems.
First i try just to update plugin and my website becomes unusable then i deleted plugin and cleared all data in database so i installed fresh…still didnt worked so i decided to delete once again and returned older version of plugin wotrked seamless so i uncheck all security options and cleaned database again includin cleaning .htacces file to be old wordpress wpconfig with normall permissions and i installed plugin again and doesnt working.
Some of server error are next:
WP database ‘mybase._bwps_lockouts’ doesn’t exist for query INSERT INTO_bwps_lockouts
(type
,active
,starttime
,exptime
,host
,user
) VALUES (‘2′,’1′,’1330960478′,’1330960478′,’66.249.66.174’,”) made of require, require_once, include, get_header, locate_template, load_template, require_once, wp_head, do_action, call_user_func_array, bwps_secure->check404, bwps_secure->logevent, bwps_secure->lockout‘mybase._bwps_log’ doesn’t exist for query SELECT COUNT(*) FROM
_bwps_log
WHERE type=2 AND host=’66.249.66.174′ AND timestamp > 1330960478; made of require, require_once, include, get_header, locate_template, load_template, require_once, wp_head, do_action, call_user_func_array, bwps_secure->check404, bwps_secure->logeventi removed database prefix from this code but i hope that this will help making it fix.Just to mention my cleaning database have meaning that i deleted just records of site lockout and not whole table,also i noticed when i install never version and i want to untick all options there was an error becouse data in htacces file and wp-config staying nchanged for permissions and data stored while plugin was active i didnt check install file also.Can you make when i want to uninstall plugin to be all settings restored as was before installing it?in this case i must do manual.Thanks I think this is very good plugin and keep it working ppl 🙂
This is a simple problems. It is not because of upgrade or anything else. When you implement the Better WP security, there is a button to Hide Backend Options. The Security tool changed fro, wp-admin, wp-login etc to just admin, without the wp. So you can either log in by entering your domain followed by admin or login eg.
http://www.mydomain.com/admin or you can use the http://www.mydomain.com/wp-adminXXXX where XXXX is the secret code you were provided when you enabled the Hide Backend options: If this helped leave me a commment here on our blog. http://www.sleekwarehouse.comwhere is saved secret key? I forgot it and now can’t login
I have the secret key but still can’t log in because I made the mistake of changing “login” “admin” and “register” with a word I can not remember and I stupidly did not write down.
Anything I can do? Or just keep trying to use words I thought I used?
xfalcon1 you can get it from your .htaccess file
OK, thanks to you all I could solve it. Opened the htaccess file editor and copypasted the wp-admin line as you said. Now we now the solution if the login page gets lost again. For the rest I am very happy with the pluguin. Feel safer!
Glad it’s working. Thanks for the followup.
I’m not able to find the wp-admin line in .htaccess. What section is it in and what should I look for? Thanks.
I simply can not figure out how to get in to my client’s site. I have tried every combination of /login , /admin, /login[secretcode] , /login?[secretcode] … etc. and can not get into the site.
Should I just rename the htaccess file and start with a blank one? Very frustrating
using /admin[secret code] isn’t working for me. still only getting “not_found”
I’m having the same problem and can not resolve the error not_found
- The topic ‘I Can't Login After Installing Better WP Security, Even wp-admin link Broken’ is closed to new replies.