WordPress.org

Ready to get started?Download WordPress

Forums

iThemes Security (formerly Better WP Security)
[Plugin: Better WP Security] I could not login to my website after Activating hide my backend (21 posts)

  1. Gratafrr
    Member
    Posted 1 year ago #

    I could not login to the dashboard of my own website after installing this plug-in and activating the security features especially after activating the hide my back end feature. I would like to know how to log into my dashboard after using this feature. thank you

    http://wordpress.org/extend/plugins/better-wp-security/

  2. Peter
    Member
    Posted 1 year ago #

    You need to look into your .htaccess file

    lines like
    RewriteCond %{HTTP_REFERER} !^(.*)yourblogadress/wp-admin
    RewriteCond %{HTTP_REFERER} !^(.*)yourblogadress/wp-login\.php
    RewriteCond %{HTTP_REFERER} !^(.*)yourblogadress/HIDDENBACKEND1
    RewriteCond %{HTTP_REFERER} !^(.*)yourblogadress/HIDDENBACKEND2
    RewriteCond %{HTTP_REFERER} !^(.*)yourblogadress/HIDDENBACKEND3

    RewriteRule ^.*wp-admin/?|^.*wp-login\.php /not_found [R,L]

    Then you can see how the rewrite is done if you forgot it.
    Or you remove the lines/setting a comment # to make it invalid.
    Attention: WPSec. might have set .htaccess to read-only.

  3. CamillaBurggraaf
    Member
    Posted 1 year ago #

    I had the same problem, not sure if the prefix rewrite or the hide back end feature caused it. Neither the wp_config not the .htaccess files seem to have been changed though, so it's a total mystery what happened here.

  4. dinasuntikputih
    Member
    Posted 1 year ago #

    I got the same problem after activating all features which i dont understand fully , i cant login at all,
    please hellppp

  5. MnLGmz
    Member
    Posted 1 year ago #

    Anyone could access to your admin? Please let me know...

  6. Handoko
    Member
    Posted 1 year ago #

    Hello, I ever had bad experiences with this plugin that caused me not able to login. Here are somethings you may try:

    First, and the very first make necessary backup of your important files.
    You can use your FTP program or cPanel File Manager to do it. What to backup? Here are the important files:

    - .htccess on the root of your website folder
    - Entire folder of the plugin wp-content/plugins/better-wp-security
    - Entire folder of your website
    - The database of the website using cPanel phpMyAdmin

    To backup all files in a folder, it will be easier if you compress the entire folder.

    Now, things you can try to retrieve your login:

    1. Try to delete (or rename) the .htaccess file. If you still unable to login, you should restore it from the backup. But if you can login, it means there are somethings wrong in the file. You need to examine and edit the file (restored from your backup), pay attention of the texts between these lines:
    # BEGIN Better WP Security
    # END Better WP Security

    2. You may also try to use .htaccess file from your other WordPress website that is working correctly. You should not try it if one of the website has WordPress multisite enabled.

    3. If you still have no luck, you may try to delete the entire folder of the plugin wp-content/plugins/better-wp-security. You can even combine this option with option no. 1.

    If you managed to login to your admin area. You may need to reinstall the plugin (or perhaps uninstall if you not wish to use it). This reinstallation is neccessary to make sure the plugin won't left unused data on your website (database). Once if you're sure your website is working correctly, you should do backup immediately.

    These above are based on my experiences, I can't guarantee success. Try it on your own risk. Hope it helps.

  7. enelbus
    Member
    Posted 1 year ago #

    Hi Handoko,

    I had the same problem and I already have done the process you describe. My problem is that I can't use any of my usernames, because it says they not exist. Can you help me?

    Thanks.

  8. MnLGmz
    Member
    Posted 1 year ago #

    To be honest,i unistall the app.

  9. Handoko
    Member
    Posted 1 year ago #

    @enelbus:

    If you follow the instruction above you should be able to login. Have you tried to reset your account by clicking the Lost your password on the login form?

  10. enelbus
    Member
    Posted 1 year ago #

    @Handoko

    Yes, I tried that. Also an emergency php file where I changed my password, and changing the password directly via the phpMyadmin panel on my server. Nothing worked. When I tried to login, the window just erased the words from the form without an error. I tried to login on different computers. I think, in my case, another part of the code from the plug-in is still there hidding the usernames and I didn't save the secret key.

    I just gave up and I'm going to start all over again the blog.

  11. Handoko
    Member
    Posted 1 year ago #

    If you trust me, you can email me your .htaccess file handoko_yahu[at]yahoo.co.id.

  12. Handoko
    Member
    Posted 1 year ago #

  13. cscottb
    Member
    Posted 1 year ago #

    I found the easiest way to get back into my site when I couldn't log in was by accessing the .htaccess file via ftp and deleting the Better WP Security entries, or at least those dealing with the redirects; as mentioned at the end of #1 by Handoko above.

  14. Handoko
    Member
    Posted 1 year ago #

    Glad to hear you can easily fix the login problem. In some other cases, we may need to use step 2 or 3.

    A good things to do: you should keep a copy of the .htaccess file on your local computer, because many problems may be fix simply copy/paste the .htaccess from backup.

  15. kravedesigns
    Member
    Posted 1 year ago #

    I'm freaking out. I am very new to wordpress. I created a site for a client. Things were fine for a few months. Then the site was hacked. I got everything cleaned up and back to normal and installed your plugin. I really just did whatever options it said, and now, when I go to mysite/wp-admin it is a spam site. How the heck do I login??? Any help will be greatly greatly appreciated.

    Thank you.

  16. mbrsolution
    Member
    Posted 1 year ago #

    Hello @kravedesigns, what do you mean by:

    I really just did whatever options it said, and now, when I go to mysite/wp-admin it is a spam site.

    If it is reporting a spam site, are you sure you cleaned your site correctly? You can use the following link to check your site for viruses or other issues.

    Kind regards

  17. kravedesigns
    Member
    Posted 1 year ago #

    Hello @mbrsolution I did the one click and just went through the list and changed everything that was in yellow or red or blue to make it green. Then I logged out of my wordpress dashboard, because it said since i changed my username from admin that i needed to and re-log back in, and when i went to re-login, it is a spam site that shows up, not the wordpress login.

  18. kravedesigns
    Member
    Posted 1 year ago #

    and I just did site check with the link you gave and it says it is verified clean.

  19. Handoko
    Member
    Posted 1 year ago #

    @kravedesign:

    One click setting is good for the users who have already understand how this plugin works. But for newbies, they sometimes missed to read some useful information.

    For your case, I guess the plugin has blocked the direct access to your wp-admin. You now should able to login using:
    yourwebsite/login

    Good luck.

  20. mbrsolution
    Member
    Posted 1 year ago #

    Hi you might want to check this link from the developer about locking yourself from your site.

    If the above does not work for you then I suggest for you to delete the plugin via FTP. There are also some entries that you will have to delete from the .htaccess file, again via FTP.

    Once the above is achieved and you can log back into yoursite.com/wp-admin then reinstall the plugin. Once you have activated the plugin read the options in different colour before you decide to alter all of them to make them green, "secure".

    I have this great plugin installed in all my websites however I don't enable all the security because I know that it might crash or lock me out of my sites. Also some of my plugins don't function correctly if I make everything secure "green".

    I hope this helps you.

    Kind regards

  21. antlaurasgarden
    Member
    Posted 9 months ago #

    Hello, i had the same trouble. I simply went to my email and opened my cpanel i was assigned by my hosting site. Found the file manager and clicked the public_html folder. I then entered the wp-content folder and deleted the better wp security plugin. I then re-entered the public_html folder and noticed i had 2x .htaccess files. I simply deleted the most recent one ( wich i assume was generated upon activating hide backend). Viola, i reloaded my page with the 500 error and my site popped up. I was almost certain i would never ever be able to figure out how to fix what i had done on accident. So scary to put in that much work on a site and to lose it cause your aren't 100% on how to do something. O and by the way if your looking for FRESH flower seeds or just a lovely piece of garden decor, visit http://www.antlaurasgarden.com and thank you in advance.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags