I checked out .htaccess file. Its weird because it was modified today. Around 4:30 which was about when everything starting going weird and I got this error. This is the first thing listed:
# BEGIN iThemes Security
#Quick ban IP. Will be updated on next formal rules save.
SetEnvIF REMOTE_ADDR “^108\.181\.117\.121$” DenyAccess
SetEnvIF X-FORWARDED-FOR “^108\.181\.117\.121$” DenyAccess
SetEnvIF X-CLUSTER-CLIENT-IP “^108\.181\.117\.121$” DenyAccess
order allow,deny
deny from env=DenyAccess
deny from 108.181.117.121
allow from all
# BEGIN Hide Backend
# Rules to hide the dashboard
RewriteRule ^(/)?wplogin/?$ /wp-login.php [QSA,L]
# END Hide Backend
# BEGIN Tweaks
# Rules to block access to WordPress specific files
<files .htaccess>
Order allow,deny
Deny from all
</files>
<files readme.html>
Order allow,deny
Deny from all
</files>
<files readme.txt>
Order allow,deny
Deny from all
</files>
<files install.php>
Order allow,deny
Deny from all
</files>
<files wp-config.php>
Order allow,deny
Deny from all
</files>
<IfModule mod_rewrite.c>
RewriteEngine On
# Rules to protect wp-includes
RewriteRule ^wp-admin/includes/ – [F]
RewriteRule !^wp-includes/ – [S=3]
RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
RewriteRule ^wp-includes/[^/]+\.php$ – [F]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php – [F]
RewriteRule ^wp-includes/theme-compat/ – [F]
# Rules to prevent php execution in uploads
RewriteRule ^(.*)/uploads/(.*).php(.?) – [F]
</IfModule>
# END Tweaks
# END iThemes Security
I’m not very familiar with this kind of code. I know its not right, but I’m not sure what to tweak or get rid of. I really think this could be the source of the problem
Any thoughts :D?
Sounds like whatever this iThemes Security is blocked your own IP address from accessing the site. Especially if your IP address happens to be 108.181.117.121. Check on https://www.whatismyip.com/ or similar site.
Using FTP or your Webhost’s cPanel File Manager or whatever I would rename that .htaccess file to .htaccess-old
Or edit the file and get rid of these lines:
SetEnvIF REMOTE_ADDR "^108\.181\.117\.121$" DenyAccess
SetEnvIF X-FORWARDED-FOR "^108\.181\.117\.121$" DenyAccess
SetEnvIF X-CLUSTER-CLIENT-IP "^108\.181\.117\.121$" DenyAccess
deny from env=DenyAccess
deny from 108.181.117.121
I’d then disable that iThemes thing or see if there is some way to whitelist your IP address so it doesn’t ban you again.
OH MY GOODNESS!!!!
MarkRH you are a godsend!!!! I’ve been racking my brain for the last 5hrs, clearing everything to no avail! I removed the lines you suggested and poom! I was back in my site!!! I locked myself out somehow and had my IP adress blocked. I whitelisted my IP and everything is back to normal. THANK YOU so much for your help!!!! Truly Truly appreciate it 😀
Cool. Glad that worked. If you happen to read this might go ahead and mark the thread as resolved. 🙂
Hi fumbling, MarkRH
Can you please show me how do you find the htaccess file in cPanel?
Go into cPanel, click File Manager, go to the directory where the blog’s files are and in there will be the .htaccess. For specifics check with your webhost. Depending on the webhost it may not even have cPanel.
Using an FTP program like FileZilla would also work. They should have given you instructions how to access your files in the server.
Anyway, I’d start your own thread. Since this is marked Resolved by the OP.
