WordPress.org

Ready to get started?Download WordPress

Forums

All In One WP Security & Firewall
Features that are labelled "Advanced" (17 posts)

  1. Tips and Tricks HQ
    Member
    Plugin Contributor

    Posted 10 months ago #

    We have a nice labeling system in this plugin for most of the features. Features that are labelled "Advanced" can break your site. Those are there for the *really advanced* users.

    Don't activate the features that are categorized as advanced unless you know what you are doing. There are plenty of basic and intermediate features that you can use and get very very good security protection/coverage.

    If you have activated an advanced feature and it broke your site then do the following:

    Step 1) Deactivate the plugin using this instruction:
    http://www.tipsandtricks-hq.com/deactivate-wordpress-plugins-without-logging-into-wp-admin-video-tutorial-4375

    Step 2) Reset your htaccess file using this instruction:
    http://www.tipsandtricks-hq.com/how-to-restore-the-htaccess-file-when-using-the-all-in-one-wp-security-plugin-5945

    You should be good after that.

  2. djantonius
    Member
    Posted 10 months ago #

    hi thx , i have acces but i can't login at another place then the ip get's blocked at that place
    thx

  3. mra13
    Member
    Plugin Author

    Posted 10 months ago #

    Do you have the login lockdown feature enabled?

  4. andresito
    Member
    Posted 6 months ago #

    I couldnĀ“t even follow those instructions cause I was lock out from the dashboard.

    I follow the instructions you gave on the links and never could regain access to the settings area (I did regain access to the dashboard, but never to the plugins settings)

    It was my first time testing this plugin but I gave up on it...

    Maybe bad luck...

    For me...this plugin is still buggy

  5. Tips and Tricks HQ
    Member
    Plugin Contributor

    Posted 6 months ago #

    It is likely you didn't fully remove all the rules from your htaccess files.

  6. odanu
    Member
    Posted 3 months ago #

    I am extremely frustrated. I have disabled the plugin from my FTP login, I have deleted its informatiion from my htaccess, and it still redirects me from wp-login to "redirect_to=http%3A%2F%2Fwww.mysite.com%2Fwp-admin%2F&reauth=1". Meanwhile, bots are using the time I have the addon turned off to sign up as users on my site... four of them in the last hour. This is a critical situation. Any advice would be nice right about now.

  7. mbrsolution
    Member
    Plugin Contributor

    Posted 3 months ago #

    Hi @odanu did you follow the instructions above from @Tips and Tricks HQ?

    Are you sure you don't have another plugin that is redirecting your site?

  8. Dr. Ashok Koparday
    Member
    Posted 3 months ago #

    Hi Ruhul,
    Greetings!

    Thank you for your magnificient plugin, All in One WP Security and Firewall.

    UpdraftPlus Backup Restore plugin was not able to use scheduler. On deactivating 'All in One WP Security and Firewall' plugin the error message disappeared and the WordPress Scheduler was back in work.
    Error message was:

    Warning: WordPress has a number (13) of scheduled tasks which are overdue. Unless this is a development site, this probably means that the scheduler in your WordPress install is not working. Read this page for a guide to possible causes and how to fix it.

    Will you kindly tell me which particular feature of the security plugin could be breaking the scheduler? This will help me use the security plugin effectively without any problem.

    Thanks and regards,
    Dr. Ashok Koparday

  9. mbrsolution
    Member
    Plugin Contributor

    Posted 3 months ago #

    Hi @Dr. Ashok Koparday can you confirm that the manual backup works with this security plugin? I have tested a manual backup and it worked on my testing site.

    Try the following if you have them activated.

    Do not activate the following options:

    • WP Security -> Filesystem Security -> Disable Ability To Edit PHP Files:
    • WP Security -> Filesystem Security -> Prevent Access to WP Default Install Files:
  10. Dr. Ashok Koparday
    Member
    Posted 3 months ago #

    Hi Manuel,
    Greetings!

    Yes, the manual backup works with UpdraftPlus when the security plugin is active.

    I have not activated the Filesystem Security features mentioned by you.

    I have reactivated the security plugin. I shall observe for a day if the UpdraftPlus does the backup at the scheduled times and report to you.

    Thanks for your valuable assistance,
    (and the safety provided by the plugin)
    Dr. Ashok Koparday

  11. mbrsolution
    Member
    Plugin Contributor

    Posted 3 months ago #

    Hi @Dr. Ashok Koparday how are you trailing with your issue?

  12. Dr. Ashok Koparday
    Member
    Posted 3 months ago #

    Hi Manuel,
    Greetings.

    The All In One WP Security & Firewall is activated and the UpdraftPlus Backup is unimpeded.

    The All in One WP Security & Firewall is set at 185 points out of the total 460.

    The settings of both the plugins are to my satisfaction and perform well.

    Thanks for the security features you provide.
    Regards,
    Dr. Ashok Koparday

    PS
    The features of plugin are sturdy.
    I believe, however, it may be reassuring to users if with the rename login page URL you could also provide an additional password function.

  13. mbrsolution
    Member
    Plugin Contributor

    Posted 3 months ago #

    Hi Dr. Ashok Koparday in regards to the additional password function. What is your suggestion?

    Regards

  14. Dr. Ashok Koparday
    Member
    Posted 3 months ago #

    Hi Manuel,

    It is likely that the plugin gives more than adequate protection. You know best.

    My thoughts:
    # Rename Login Page and
    # Cookie Based Brute Force Prevention
    are two features that allow administrator to change the wp-login.php to another string of choice.

    I think admins may like having another string to be used like a password on this login page in addition to the usual wp password.
    Or
    it could be another feature independent of the above.
    So in the simplest way admin will see three boxes while logging.
    One for the username (this you recommend to be changed)
    Another for the usual password
    and third would be a string, which would act like an additional lock.

    Thanks for your attention,
    Best wishes,
    Ashok

  15. mbrsolution
    Member
    Plugin Contributor

    Posted 3 months ago #

    Thank you @Ashok for your suggestion. The developers will review your suggestion further.

    Kind regards

  16. Casperk
    Member
    Posted 2 months ago #

    Hi There,

    I locked myself out of my site, I followed your instructions above, and deleted the firewall part in my .htaccess file. Also I disabled all the plugins currently installed as you mentioned in the youtube videos. But I still get redirected to:

    http://www.example.com/wp-login.php?redirect_to=http%3A%2F%2Fwww.example.com%2Fwp-admin%2F&reauth=1.

    When I go to http://www.example.com/wp-admin.

    Are there any other solutions you can think of to get me out of this?

    Kind regards,
    Casper

  17. Casperk
    Member
    Posted 2 months ago #

    I found the solution, for some reason my files were with permission 664, when I changed wp-login.php to 644 it was working like a charm. See also: http://stackoverflow.com/questions/14532520/redirect-loop-on-wp-admin-or-wp-login-php

Reply

You must log in to post.

About this Plugin

About this Topic

Tags

No tags yet.