WordPress.org

Forums

All In One WP Security & Firewall
[resolved] Everything was fine - now can't access site (14 posts)

  1. Guppyman
    Member
    Posted 10 months ago #

    As the title states, all was working well and working on all my other sites. I can't do anything as admin without being sent to NSA.gov on the redirect I filled-out when setting up a setting that I can't remember which tab.

    Any help would be appreciated as to why I am locked out and the best way to get back in.

    Cheers. - Frank

    P.S. When I use my special login URL to employ my secret word - nothing happens.

    https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/

  2. mra13
    Member
    Plugin Author

    Posted 10 months ago #

  3. Guppyman
    Member
    Posted 10 months ago #

    My hosting does not have cPanel. Can I do anything via FTP without breaking anything else?

    OK. Now it is affecting all of my sites. I installed this because I was hacked. Does this mean that someone attempted to do so, again?

    Cheers. - Frank

  4. wpsolutions
    Member
    Plugin Author

    Posted 10 months ago #

    Guppyman,
    Rename the plugin folder to something else temporarily.
    Then (if you activated any firewall features) restore the original .htaccess file OR edit the current file and remove anything between the "All In One" tags.
    The above will get you back and running.

  5. Guppyman
    Member
    Posted 10 months ago #

    OK. I will attempt this in the morning as I have been at my machine since 5 AM and I am bleary-eyed. I will let you know how it goes.

    TYVM and have a good evening.

    One last thing. Why did this happen? I'll sleep much better tonight, knowing. :-)

    Cheers. - Frank

  6. Guppyman
    Member
    Posted 10 months ago #

    Which directory is .htaccess file in. I cannot locate it. - F.

  7. mbrsolution
    Member
    Plugin Contributor

    Posted 10 months ago #

    Hi @Guppyman the .htaccess file is located in the root of your website.

  8. Guppyman
    Member
    Posted 10 months ago #

    Sorry. No such file exists. I don't see a file by that name in any of my WordPress installs. What the heck is going on? I'm losing my mind. - F.

  9. mbrsolution
    Member
    Plugin Contributor

    Posted 10 months ago #

    What type of server are you using?

  10. Guppyman
    Member
    Posted 10 months ago #

    I have no idea. I am on DreamHost shared hosting. There is no cPanel. Only FTP.

    Here is the file list:

    LIST
    150 Opening ASCII mode data connection for file list
    DEALS
    favicon.gif
    favicon.ico
    index.php
    license.txt
    quickstart.html
    readme.html
    wp-activate.php
    wp-admin
    wp-blog-header.php
    wp-comments-post.php
    wp-config-sample.php
    wp-config.php
    wp-content
    wp-cron.php
    wp-includes
    wp-links-opml.php
    wp-load.php
    wp-login.php
    wp-mail.php
    wp-settings.php
    wp-signup.php
    wp-trackback.php
    -xmlrpc.php
    226 Transfer complete
    QUIT

    It is the same for all of my WP installations.

    Frank

  11. mbrsolution
    Member
    Plugin Contributor

    Posted 10 months ago #

    Hi @Frank, please read the following URL I found in DreamHost that might help you.

  12. Guppyman
    Member
    Posted 10 months ago #

    I can use FileZilla to create a new file in the directory, but where do I get a file to copy or upload? - F.

  13. Guppyman
    Member
    Posted 10 months ago #

    I think it will be a lot easier to just wipe the directory clean and start over.

    Since I can't get an answer as to why this might have happened, I will not turn that feature on when I reinstall the plugin, but then the question becomes is the plugin of any real benefit to preventing hackers from accessing my domain, without that feature turned on?

    You see my problem?

    Cheers. - Frank

  14. wpsolutions
    Member
    Plugin Author

    Posted 10 months ago #

    I think it will be a lot easier to just wipe the directory clean and start over

    No you should definitely NOT do that.
    Rename this plugin's folder as suggested earlier and then see if you can at least log back into your site.
    If you activated some firewall features and you can't find the .htaccess file, then ask your host provider to help you.

    is the plugin of any real benefit to preventing hackers from accessing my domain

    Yes it is - the plugin serves a useful purpose from the wordpress perspective and in terms of protecting access to your wordpress site amongst other things.
    There are other doors (not related to wordpress) which a hacker can utilise to get into your site not just wordpress.
    Therefore your question cannot be answered easily because it depends on many factors ranging from your host's server security through to your individual wordpress setup.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.