Title: Disappeared from Google
Last modified: August 30, 2016

---

# Disappeared from Google

 *  [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/disappeared-from-google/)
 * Hi
 * Last week I noticed a decline in visitors and after some searching realised that
   my site suddenly wasn’t appearing in Google search engines.
 * I contacted my hosting company and they said:
   “_Multiple IPs are denied in .htaccess. You might need to check site setting by
   renaming .htaccess file for site I would suggest you to check .htaccess setting
   with site developer_”
 * I explained that I didn’t have a developer and they said:
 * “_I have renamed original .htaccess file as .htaccess-backup and created a new
   .htaccess file with required wp code. Please do not block unwanted ips from IP
   deny manager. Regarding wordpress security you should make sure plugins should
   not google analyse Ips_“
 * They then recommended I disabled iThemes security which I was reluctant to do
   so they said to monitor it for a few days.
 * I explained that I was having around 20-30 notifications of lockouts a day, e.g.:
 * A host, 37.157.196.146, has been locked out of the WordPress site at [http://www.mydomain.co.uk](http://www.mydomain.co.uk)
   due to user tried to login as “admin.”.
   The host has been locked out permanently
 * and asked did this mean that my .htaccess file would get full of multiple IPs
   again and the problem would occur again?
 * They responded saying:
 * “_Further to this it seems that there were multiple IPs and range blocks that
   may have resulted in no access to your domain from those IPs/region which affected
   your site visibility in certain region and hence the ranking may have gone down
   due to site not accessible._
 * _What I suggest you is to keep the security plugin active for some days and check
   if the site ranking goes up again as the site must be accessible again to other
   users which was previously blocked due to the .htaccess code_”
 * My site has since re-ranked but I am so concerned that it will happen again.
 * I have version 5.0.1 of iThemes Security installed.
 * Has anyone had experience of this before? Can anyone recommend anything to avoid
   this happening again.
 * I appreciate any advice and thank you in advance for your help.
 * [https://wordpress.org/plugins/better-wp-security/](https://wordpress.org/plugins/better-wp-security/)

Viewing 11 replies - 1 through 11 (of 11 total)

 *  Thread Starter [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years, 5 months ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822056)
 * BTW I have the following settings:
 * Blacklist Threshold – 1 Lockouts
   (The number of lockouts per IP before the host is banned permanently from this
   site.)
 * Blacklist Lookback Period – 7 Days
   (How many days should a lockout be remembered to meet the blacklist count above.)
 * Lockout Period – 240 Minutes
 * Local brute force protection is enabled
 * Max Login Attempts Per Host – 2 Attempts
 * Max Login Attempts Per User – 2 Attempts
 * Automatically ban “admin” user is enabled
 *  [dwinden](https://wordpress.org/support/users/dwinden/)
 * (@dwinden)
 * [10 years, 2 months ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822278)
 * [@eic2010](https://wordpress.org/support/users/eic2010/)
 * There is no need to change any of the default settings.
   So return these (and any others) to their default values.
 * Blacklist Threshold – 3 Lockouts
 * Lockout Period – 15 Minutes
 * Max Login Attempts Per Host – 5 Attempts
    Max Login Attempts Per User – 10 Attempts
 * The iTSec plugin **Brute Force Protection** feature may affect your site’s performance
   (through large amounts of IPs banned in .htaccess) causing your site to drop in
   Google rankings. Simply prevent any login attempts from happening. Whether this
   is feasible for your site depends on the site offering login or not and other
   settings.
 * That said it is normally the iTSec plugin **404 Detection** feature that causes
   trouble for the Googlebot.
   So is this feature enabled?
 * The two plugin features that potentially impact site performance the most are
   **Scheduled Database Backups** and **File Change Detection**.
   If enabled it would
   be best to let WP Cron handle these tasks instead of at page load/site access.
   This can be achieved by defining certain constants in the wp-config.php file.
 * Scheduled Database Backups -> ITSEC_BACKUP_CRON
 * File Change Detection -> ITSEC_FILE_CHECK_CRON
 * For example:
 *     ```
       define('ITSEC_BACKUP_CRON', true);
       define('ITSEC_FILE_CHECK_CRON', true);
       ```
   
 * If the iTSec plugin is causing trouble it’s often because it was not configured
   properly. One-Click security does not exist …
 * dwinden
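
The reply above attributes the ranking drop to large numbers of IPs banned in .htaccess, and the host reported range blocks. As an added example (not code from the thread or from the iTSec plugin), this audit counts the ban entries in an .htaccess file and reports which of a set of addresses you care about, such as a crawler's, fall inside a banned entry. It assumes bans are written as Apache `Deny from` or `Require not ip` lines; the sample file and all addresses are constructed.

```python
import ipaddress
import re

# Constructed .htaccess fragment. Assumption: bans appear as Apache
# "Deny from" (2.2) or "Require not ip" (2.4) lines; the plugin's exact
# output is not shown in the thread. Addresses are documentation ranges.
SAMPLE_HTACCESS = """\
# BEGIN WordPress
RewriteEngine On
# END WordPress
Order allow,deny
Allow from all
Deny from 203.0.113.7
Deny from 198.51.100.0/24
Deny from 192.0.2.10 192.0.2.11
<RequireAll>
Require all granted
Require not ip 203.0.113.128/25
</RequireAll>
"""

DENY_RE = re.compile(r"^\s*(?:Deny\s+from|Require\s+not\s+ip)\s+(.+)$", re.I)

def denied_networks(text):
    """Return every IP or CIDR range named in a deny directive."""
    nets = []
    for line in text.splitlines():
        m = DENY_RE.match(line)
        if not m:
            continue
        for token in m.group(1).split():
            try:
                nets.append(ipaddress.ip_network(token, strict=False))
            except ValueError:
                pass  # hostnames, "all" and partial prefixes are skipped
    return nets

def audit(text, probe_ips):
    """Count ban entries and list the entries that block each probe IP."""
    nets = denied_networks(text)
    blocked = {}
    for ip in probe_ips:
        addr = ipaddress.ip_address(ip)
        blocked[ip] = [str(n) for n in nets
                       if n.version == addr.version and addr in n]
    ranges = sum(1 for n in nets if n.num_addresses > 1)
    return {"entries": len(nets), "ranges": ranges, "blocked": blocked}
```

A range entry that matches a probe address is the case the host described: one ban line cutting off a whole region or crawler network rather than a single attacking host.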
 *  Thread Starter [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822279)
 * Hi
 * Thank you for all your help.
 * I’ll change the settings back to default, is there somewhere where I can find
   all the recommended settings?
 * Yes at the moment 404 Detection, local brute force protection, scheduled database
   backups and file change detection are all enabled. Would it therefore be best
   to disable these?
 * You say “Simply prevent any login attempts from happening” would this be by hiding
   the backend? We dont allow login to our site by our visitors.
 * Sorry for all the questions, I’m still learning!
 * Thanking you again for all your help, I really appreciate it.
 *  [dwinden](https://wordpress.org/support/users/dwinden/)
 * (@dwinden)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822280)
 * [@eic2010](https://wordpress.org/support/users/eic2010/)
 * To restore all the default settings simply deactivate & delete the iTSec plugin.
   Then reinstall the plugin.
 * If an iTSec plugin feature is causing problems for your site you can disable 
   the feature while trying to figure out a solution. Use the iTSec plugin Logs 
   page to get an idea of what effect/impact enabled features have to your site.
 * The idea behind the iTSec plugin is to enable only those features that won’t
   cause your site any troubles.
   But keep in mind with every feature that you disable
   your site becomes less secure. So ideally you would want to enable as many features
   as possible. For some features not to cause troubles for your site you may need
   to do some required tweaking first.
 * Yes, in case you are not allowing visitors to login (like not providing a login
   link on the frontend) Hide Backend is a very effective feature to prevent bots
   from doing automated login attempts.
 * dwinden
 *  Thread Starter [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822281)
 * Hi
 * Thank you I really appreciate your help, especially as it’s just happened
   again with my hosts telling me “that plugin added the deny access rule in your
   website .htaccess files.” I don’t know how or why it’s done this?
 * I’ll delete it and try re-installing it to see if that helps and I’ll try hiding
   the backend though last time I tried this it crashed my site!
 *  [dwinden](https://wordpress.org/support/users/dwinden/)
 * (@dwinden)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822282)
 * [@eic2010](https://wordpress.org/support/users/eic2010/)
 * Keep in mind there are 2 brute force attack vectors.
 * The most common one is wp-login.php. Enabling the Hide Backend feature will not
   only make your login slug a secret but it will also block wp-login.php login 
   attempts.
 * The other one is xmlrpc.php. You can disable xmlrpc from the WordPress Tweaks
   section on the iTSec plugin Settings page.
 * Ideally you should have a look at the Apache web server error_log to determine
   which of the 2 above mentioned brute force attack methods is used to attack your
   site (perhaps even both).
 * If there are many many wp-login.php request entries in the error_log enabling
   the Hide Backend feature will protect you against the current brute force
   attack(s).
 * If there are many many xmlrpc.php request entries in the error_log disabling
   xmlrpc will protect you against the current brute force attack(s). Note there
   is also an advanced xmlrpc brute force attack where there is only one xmlrpc.php
   request logged while in fact that single request contains a multiple login
   attempts payload.
 * What I’m trying to say is that it is best to analyze how these brute force attacks
   are currently being executed upon your site. This will help in determining the
   best way to counteract the current brute force attacks.
 * Once you are back in control you can decide to further strengthen your site’s
   security.
 * dwinden
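
The log check described in the reply above, as an added example that is not part of the original post: it tallies POST requests to wp-login.php and xmlrpc.php, with the number of distinct source addresses for each, so you can see which vector is in use. It assumes the requests are available as Apache "combined" format log lines; the sample lines and addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample lines (assumption: Apache "combined" log format;
# addresses are documentation ranges, not from the thread).
SAMPLE_LOG = """\
203.0.113.5 - - [30/Aug/2016:06:01:09 +0000] "GET /wp-login.php HTTP/1.1" 200 2810 "-" "Mozilla/5.0"
203.0.113.5 - - [30/Aug/2016:06:01:10 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"
203.0.113.5 - - [30/Aug/2016:06:01:12 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"
198.51.100.9 - - [30/Aug/2016:06:02:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
198.51.100.10 - - [30/Aug/2016:06:02:02 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
198.51.100.11 - - [30/Aug/2016:06:02:03 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
198.51.100.11 - - [30/Aug/2016:06:02:04 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.44 - - [30/Aug/2016:06:02:05 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.80 - - [30/Aug/2016:06:03:00 +0000] "GET / HTTP/1.1" 200 15230 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
VECTORS = ("wp-login.php", "xmlrpc.php")

def triage(log_text):
    """Count POSTs and distinct source IPs for each login endpoint."""
    posts = Counter()
    sources = {v: set() for v in VECTORS}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, method, path, _status = m.groups()
        if method != "POST":
            continue  # viewing the login form is not a login attempt
        name = path.split("?", 1)[0].rsplit("/", 1)[-1]
        if name in sources:
            posts[name] += 1
            sources[name].add(ip)
    return {v: {"posts": posts[v], "sources": len(sources[v])} for v in VECTORS}

def dominant_vector(report):
    """Return the endpoint with the most POSTs, or None if there were none."""
    best = max(VECTORS, key=lambda v: report[v]["posts"])
    return best if report[best]["posts"] else None
```

For xmlrpc.php the POST count is a lower bound on login attempts, since, as the reply notes, a single logged request can carry several attempts.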
 *  Thread Starter [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822287)
 * Hi
 * Apologies for the delay in replying. Firstly thank you so much for all your
   help, I really appreciate it. Secondly I re-installed the plugin to its default
   settings and have successfully managed to hide the backend though still seem
   to be getting notifications of lockouts. I’m assuming this is down to the
   xmlrpc.php? I was reading more about this at [https://wordpress.org/support/topic/countless-lockouts-from-login-even-after-hiding-backend](https://wordpress.org/support/topic/countless-lockouts-from-login-even-after-hiding-backend)
   I’m waiting for my hosts to confirm to me where they are coming from but am I
   right in saying that if I disable the xmlrpc that some functions of my site may
   break?
 *  [dwinden](https://wordpress.org/support/users/dwinden/)
 * (@dwinden)
 * [10 years ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822288)
 * [@eic2010](https://wordpress.org/support/users/eic2010/)
 * Yes, disabling XMLRPC may (or may not) break some functionality of your site.
   It will depend on whether you are using any features that require XMLRPC.
 * dwinden
 *  Thread Starter [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822289)
 * Hi again, following on from my last posts my hosts have confirmed it is via
   xmlrpc.php
 *  Thread Starter [eic2010](https://wordpress.org/support/users/eic2010/)
 * (@eic2010)
 * [10 years ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822290)
 * Sorry to trouble you again but I hid my backend and all was fine until this morning
   when I woke to find nearly 400 lockout attempt notifications. All said someone
   had tried to log in with the username ‘admin’. Most were from different IP addresses.
   If I’ve hidden my backend how are these still happening?
 *  [dwinden](https://wordpress.org/support/users/dwinden/)
 * (@dwinden)
 * [10 years ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822291)
 * [@eic2010](https://wordpress.org/support/users/eic2010/)
 * Check the web server error_log to see how “they” tried to login.
   If XMLRPC is not disabled then there is a good chance it was an XMLRPC brute
   force attack. The web server error_log should tell you.
 * dwinden

The topic ‘Disappeared from Google’ is closed to new replies.

 * 11 replies
 * 2 participants
 * Last reply from: [dwinden](https://wordpress.org/support/users/dwinden/)
 * Last activity: [10 years ago](https://wordpress.org/support/topic/disappeared-from-google/#post-6822291)
 * Status: not resolved