The Support Forums will be in read-only mode for a scheduled maintenance window on 01 September 2016 14:00 UTC - 20:00 UTC. More information.

iThemes Security (formerly Better WP Security)
Can't login and keep receiving 50+ File Change Warning emails a day (9 posts)

  1. zoedykes
    Posted 2 years ago #

    I keep receiving 50+ emails a day saying 'A file (or files) on your site at http://plumpypanda.co.uk have been changed. Please review the report below to verify changes are not the result of a compromise.' and also since this has happened it won't let me log in with my username or password, or even let me reset my password.


  2. efernandez
    Posted 2 years ago #


    I am having exactly the same issue. I/O Usage is up to the roof after the site has been moved to a new server, possibly triggering so many emails because it detects it as a change for each file.

    Any idea?

  3. efernandez
    Posted 2 years ago #

    It seems that the file change detection is buggy or tries to send an email after every change, and thus monopolises resource on the server.

  4. efernandez
    Posted 2 years ago #

    You can try this:

    It helped me rescue my system.

    But definitely, the file change detector is too dangerous.

  5. Richard
    Posted 2 years ago #

    Is there another workaround to this problem?

    Got the same problem starting today, I have 380+ File Change Warning emails already!

  6. ganeshbala
    Posted 2 years ago #

    I had the same problem.

    I had to login via FTP and get rid of this plugin.

    After which I was able to login to the site.

    This was a complete surprise to me and it was annoying to see emails saying something was updated and the email had not a single info about the files that were changed.

    The error_log kept growing and caused disk issues as well.

  7. Zaek
    Posted 2 years ago #

    Huh, so its not just me. I was frekn paranoid for like a week! But, now I am pretty sure it is just common process for each plugin and bwps freaks out, because it just does. Looking over my logs, no sign of malware, or intruders.

  8. keithvaugh
    Posted 2 years ago #

    I'm experiencing the very same problem on three sites with the plugin active. I've had to rename the plugin folder via ftp before I could gain access the site. The behaviour persists until the error log reaches its capacity and then the site crashes.

    There doesn't appear to be a fix for this issue. On one of my sites I deleted the plugin and then reinstalled it. The issue returned as soon as this was done.

    Its such a shame that this wonderful plugin has become so unstable and there doesn't appear to be a fix in sight.

  9. Ate Up With Motor
    Posted 2 years ago #

    I previously discovered the hard way that it's not a good idea to simply delete the plugin folder without uninstalling. If you do that, you won't completely remove it (which can create conflicts with other plugins) and won't be able to reinstall.

    If you're having problems with internal server errors, what you might try is accessing the site via FTP or shell, downloading the wp-config.php file, and looking for this line:

    define( 'BWPS_FILECHECK', true );

    Comment this out (adding two slashes in front of it should do the trick) and upload the edited file in place of your existing wp-config.php. This will disable the file checking system.

    If that allows you to log in again (it did for me), go into the Security options and uncheck the box for "Enable File Change Detection." (If you comment out the line in wp-config, the plugin may still think the feature is enabled even though it's not.) That will stop the file checking.

    At that point, if you want to get rid of BWPS, you can deactivate and uninstall it. You could also leave file checking turned off and get a different plugin to monitor file changes. I guess BWPS' file checker is load-heavy, which can be a problem on shared servers.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic


No tags yet.