WordPress.org

Forums

WordPress › Support » Plugins and Hacks

Better WP Security
Uninstalling and Reinstalling? (8 posts)

  1. randykepple
    Member
    Posted 5 months ago #

    Technically, it's version 3.4.6. :)

    We've been having some brute force login attempts on our server. Installed the BWPS plugin yesterday and used the default, one-button settings. Overnight, it blocked and logged (2) separate login attempts from the Ukraine.

    I decided to enable the "track site changes" and it broke my site. Got the dreaded 500 Internal server database error.

    I logged into the server and disable the plugin manually, by adding a ~ in front of the filename. This allowed me to get back into the WP dashboard and delete the plugin. I also edited out all instances of BWPS from the .htaccess file and dropped the (2) BWPS tables from the SQL database and edited the config file.

    My site started working again. So, I installed a fresh copy of BWPS and activated it and instantly, it broke my site. So, I did all the above again.

    My question is how do I completely erase BWPS and all instances from my site and start from scratch? It appears there is still something in the database or a file that is triggering the old settings.

    Thanks!

    http://wordpress.org/extend/plugins/better-wp-security/

  2. randykepple
    Member
    Posted 5 months ago #

    Also, just for an FYI, we use the Pro Photo theme our blog. (http://www.myportlandphotographer.com) http://www.prophotoblogs.com. I was told by their tech support that this theme uses dynamic stylesheets. So, the site change tracking option may not have been playing nice with our particular theme. Something to be aware of. Now I'm having issues with the contributors being able to log in. Apparently, the plugin also changed or made the login url hidden? No one can log in now...

  3. randykepple
    Member
    Posted 5 months ago #

    I did find that when I told the plugin to track changes to files, it tried to write these huge lines to the database consisting of the name of every file on the site and the last date it was changed. The database rejected these attempts to add these huge records and shut down temporarily.

  4. Handoko
    Member
    Posted 5 months ago #

    @: I decided to enable the "track site changes" and it broke my site. Got the dreaded 500 Internal server database error.

    Don't know why, but I personally think this feature is not very helpful. If I enable this feature, I can see it increases my server load significantly. You can disable it on section: Intrusion Detection> File Change Detection.

    @: Apparently, the plugin also changed or made the login url hidden? No one can log in now...

    You can disable this feature at Hide Backend section.

    @: Installed the BWPS plugin yesterday and used the default, one-button settings.

    I think one-button settings is not the best thing. On some cases it will easily break your site. My suggestion is to disable all the features first, then enable it one-by-one to test if it works. Remember, before do anything dangerous always backup.

    Good luck.

  5. randykepple
    Member
    Posted 5 months ago #

    Thanks Handoko!

    The problem is the plugin broke my site. I had to manually delete the plugin via ftp to the server. When I logged back into the WP dashboard, I had an error message that the plugin had been deactivated.

    I reinstalled the plugin and it broke immediately.

    I did the same thing all over again. I ended up having to manually edit the .htacess file, the wp-config file and delete two of the tables in the SQL database. Even after doing that and trying to reinstall the plugin again, it broke yet again!

    I had to do the same thing all over again. So, apparently, it's changed something in the database or another file. It's useless to me at this point and we're still having issues with the NextGEN database from this plugin.

    Any other suggestions?

    Thanks!

  6. Handoko
    Member
    Posted 5 months ago #

    Do you know how to access your database? I guess you know.

    I accessed my database and found that this Better WP Security plugin store its configuration on table: wp_options. There are 3 records are related with it.

    You can use this SQL command to search the record

    SELECT *
FROM 'wp_options'
WHERE option_name LIKE '%bwps%'

    There you can see the records with option_name:
    - bit51_bwps_data
    - bit51_bwps
    - bwps_file_log

    Are the places the plugin store the settings. You may need to delete it manually after you uninstall the plugin. Make you have done necessary backup before do it.

  7. randykepple
    Member
    Posted 5 months ago #

    Thank you Handoko! I will delve into the database and report back to you. I appreciate the information, that is VERY helpful!

  8. dwnfred
    Member
    Posted 3 months ago #

    Hello

    i had the same error, the problem was the 404 Detection, I had to clean the lockout from the database (table wp_bwps_lockouts) and then disabled the 404 detection

    But thank you for the help, it helps really

    For users that have the same problem : http://bit51.com/fixing-better-wp-security-lockouts/

    Thank you

Reply

You must log in to post.

About this Plugin

About this Topic

Tags