We have a nice labeling system in this plugin for most of the features. Features that are labelled “Advanced” can break your site. Those are there for the *really advanced* users.
Don’t activate the features that are categorized as advanced unless you know what you are doing. There are plenty of basic and intermediate features that you can use and get very very good security protection/coverage.
If you have activated an advanced feature and it broke your site then do the following:
Step 1) Deactivate the plugin using this instruction:
Step 2) Reset your htaccess file using this instruction:
You should be good after that.
hi thx , i have acces but i can’t login at another place then the ip get’s blocked at that place
I couldn´t even follow those instructions cause I was lock out from the dashboard.
I follow the instructions you gave on the links and never could regain access to the settings area (I did regain access to the dashboard, but never to the plugins settings)
It was my first time testing this plugin but I gave up on it…
Maybe bad luck…
For me…this plugin is still buggy
It is likely you didn’t fully remove all the rules from your htaccess files.
I am extremely frustrated. I have disabled the plugin from my FTP login, I have deleted its informatiion from my htaccess, and it still redirects me from wp-login to “redirect_to=http%3A%2F%2Fwww.mysite.com%2Fwp-admin%2F&reauth=1”. Meanwhile, bots are using the time I have the addon turned off to sign up as users on my site… four of them in the last hour. This is a critical situation. Any advice would be nice right about now.
Thank you for your magnificient plugin, All in One WP Security and Firewall.
UpdraftPlus Backup Restore plugin was not able to use scheduler. On deactivating ‘All in One WP Security and Firewall’ plugin the error message disappeared and the WordPress Scheduler was back in work.
Error message was:
Warning: WordPress has a number (13) of scheduled tasks which are overdue. Unless this is a development site, this probably means that the scheduler in your WordPress install is not working. Read this page for a guide to possible causes and how to fix it.
Will you kindly tell me which particular feature of the security plugin could be breaking the scheduler? This will help me use the security plugin effectively without any problem.
Thanks and regards,
Dr. Ashok Koparday
Hi @dr. Ashok Koparday can you confirm that the manual backup works with this security plugin? I have tested a manual backup and it worked on my testing site.
Try the following if you have them activated.
Do not activate the following options:
- WP Security -> Filesystem Security -> Disable Ability To Edit PHP Files:
- WP Security -> Filesystem Security -> Prevent Access to WP Default Install Files:
Yes, the manual backup works with UpdraftPlus when the security plugin is active.
I have not activated the Filesystem Security features mentioned by you.
I have reactivated the security plugin. I shall observe for a day if the UpdraftPlus does the backup at the scheduled times and report to you.
Thanks for your valuable assistance,
(and the safety provided by the plugin)
Dr. Ashok Koparday
Hi @dr. Ashok Koparday how are you trailing with your issue?
The All In One WP Security & Firewall is activated and the UpdraftPlus Backup is unimpeded.
The All in One WP Security & Firewall is set at 185 points out of the total 460.
The settings of both the plugins are to my satisfaction and perform well.
Thanks for the security features you provide.
Dr. Ashok Koparday
The features of plugin are sturdy.
I believe, however, it may be reassuring to users if with the rename login page URL you could also provide an additional password function.
Hi Dr. Ashok Koparday in regards to the additional password function. What is your suggestion?
It is likely that the plugin gives more than adequate protection. You know best.
# Rename Login Page and
# Cookie Based Brute Force Prevention
are two features that allow administrator to change the wp-login.php to another string of choice.
I think admins may like having another string to be used like a password on this login page in addition to the usual wp password.
it could be another feature independent of the above.
So in the simplest way admin will see three boxes while logging.
One for the username (this you recommend to be changed)
Another for the usual password
and third would be a string, which would act like an additional lock.
Thanks for your attention,
Thank you @ashok for your suggestion. The developers will review your suggestion further.
I locked myself out of my site, I followed your instructions above, and deleted the firewall part in my .htaccess file. Also I disabled all the plugins currently installed as you mentioned in the youtube videos. But I still get redirected to:
When I go to http://www.example.com/wp-admin.
Are there any other solutions you can think of to get me out of this?
- The topic ‘Features that are labelled "Advanced"’ is closed to new replies.