iThemes Security Update Fails – 404 errors, 403 errors, forbidden, RSS fail

Hi,
All the same here!
I updated from BWPS and the first step was to update the database which I did and lost control of my site (403 error). My provider helped out and disabled the plugins to be able to get back in, then I started turning the plugins back one by one. Turning on iThemes Security worked but when I started doing the settings it again threw me out with 403 error.

The guys at Hostgator are telling me that the plugin was creating too many Deny Coding in the .htaccess file and that it was blocking every IP. I have no idea what this means as I am not a techie guy, all I know is that I had to disable the plugin and I feel naked…
Could you please look into this?

I really like the plugin and I want to keep using it. BWPS has never given me any trouble just security and the ease of mind and I expect the same from this upgrade.
Thx.

the same issue happened here 🙁

I wonder if anyone is ever monitoring this thread? Will ever someone answer us? Or how can we reach the developers?

Hi! the developers are aware of this. This craze begun last friday and they are working ahrd to fix it. In the meantime, do what I did: uninstall de plugin, download the last stable version from the below link and reconfigure everything as used to be:
http://downloads.wordpress.org/plugin/better-wp-security.3.6.6.zip
It’s a PITA, I know, I manage dozens of sites where I couldnt upgrade the plugin. Fortunately I read the forum thread before updating and noticed something gone wrong, so I upgraded only one test site in a subdomain and didnt wreak havoc. The only solution TODAY, is to downgrade to Better WP Security 3.6.6. iThemes’ version will eventually be fixed these days, but to keep things working and safe, just downgrade now!
Best regards.

mthomas80, I tried the instructions at the link you provided, and it didn’t work. Maybe my mySQL works different from theirs. I just got an error message that tells me that data file doesn’t exist.

Anyone have a helpful suggestion? I am completely locked out of my wordpress site.

If you’ve been using Better WP security there’s a good chance it’s changed your table prefix ‘wp_’ to something else.

To find your table prefix, look in your wp_config folder and it’ll be next to where it says;

$table_prefix = ‘wp_’;

but, instead of wp it’ll have something else.

if you modify the code from the article I posted, for example, let’ say in your wp_config next to table prefix it reads, = ‘rgydh_’;

instead of,
SELECT *FROM wp_options WHERE option_name = ‘active_plugins’;

you would put in,
SELECT *FROM rgydh_options WHERE option_name = ‘active_plugins’;

Unless it’s a different issue you have, then I don’t know.

Thanks for posting grampachiefy. I just read that thread. Looks like I still need to delete the database entries.

Disabling the plugin and reactivating it later isn’t enough!

This has been the most stressful day yet as a web designer!

Guys, if you see a notice that says, “Sufficient permissions…” when you try to access wp-admin it’s because the ‘hide backend’ option is checked.

I present on a golden plate a simple solution:

1) Go to your database using phpmyadmin.

2) Go to the wp_options table.

3) Search for ‘itsec_hide_backend”

4) Change ‘enabled’ to ‘disabled’

5) Go to wp-admin and it should work!