Title: A2BCool's Replies | WordPress.org

---

# A2BCool

  [  ](https://wordpress.org/support/users/a2bcool/)

 *   [Profile](https://wordpress.org/support/users/a2bcool/)
 *   [Topics Started](https://wordpress.org/support/users/a2bcool/topics/)
 *   [Replies Created](https://wordpress.org/support/users/a2bcool/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/a2bcool/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/a2bcool/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/a2bcool/engagements/)
 *   [Favorites](https://wordpress.org/support/users/a2bcool/favorites/)

 Search replies:

## Forum Replies Created

Viewing 15 replies - 1 through 15 (of 15 total)

 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Security message appears when accessing site via Google – how to fix?](https://wordpress.org/support/topic/security-message-appears-when-accessing-site-via-google-how-to-fix/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years ago](https://wordpress.org/support/topic/security-message-appears-when-accessing-site-via-google-how-to-fix/#post-7287139)
 * You should ask BlueHost about SNI (Server Name Indicator) support, which allows
   the use of a shared IP for multiple SSL certificates, any version of cPanel released
   in the last year should support SNI. If they do not support a free or inexpensive
   SSL certificate, it is time to search for a new host that meets your needs.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Is it possible for malware/security attacks to cause white screen of death?](https://wordpress.org/support/topic/is-it-possible-for-malwaresecurity-attacks-to-cause-white-screen-of-death/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 2 months ago](https://wordpress.org/support/topic/is-it-possible-for-malwaresecurity-attacks-to-cause-white-screen-of-death/#post-7105324)
 * certainly, WSoD can be caused by malware.
 * generally, WSoD can be caused by fatal errors in php with error reporting turned
   off (which is normal in production sites). Any malware/compromise that adds bad
   php code into a file will cause 500 errors. by turning on WP_DEBUG in wp-config.
   php and in your php.ini, fatal errors caused by bad code will present themselves.
 * Also, runnnig out of memory is a very likely cause of WSoD, or a general server
   misconfiguration with php.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Plugin: WP Security] [Plugin: Multilanguage] Cannot log in – site doesn't exist](https://wordpress.org/support/topic/plugin-wp-security-plugin-multilanguage-cannot-log-in-site-does-not-exis/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/plugin-wp-security-plugin-multilanguage-cannot-log-in-site-does-not-exis/#post-7036454)
 * hi nikalenagirl. looks like you already solved this as [http://www.nikalena.de/wp-login.php](http://www.nikalena.de/wp-login.php)
   is currently working as your login url.
 * `RewriteRule ^(/)?wplogin/?$ /wp-login.php [QSA,L]`
    will make the exact URL 
   exactly [http://www.nikalena.de/wplogin](http://www.nikalena.de/wplogin) use 
   the wp-login.php file instead of looking for a folder or file called wplogin.
 * if ^ at the beginning of the rewrite rule is very important there, as it forces
   the wplogin to be at the beginning of the url following the TLD.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Am I ready for the responsibility of security?](https://wordpress.org/support/topic/am-i-ready-for-the-responsibility-of-security/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/am-i-ready-for-the-responsibility-of-security/#post-6743538)
 * security plugins like iThemes security should not cost you anything to get the
   standard locked-down feeling that you desire on a self hosted site. There are
   options to turn on automatic core updates and automatic plugin and theme updates
   within self-hosted WordPress which can be found on the WordPress.org Codex.
 * [https://codex.wordpress.org/Configuring_Automatic_Background_Updates](https://codex.wordpress.org/Configuring_Automatic_Background_Updates)
 * a good guide to security for self hosted sites is here: [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
 * the security plugins in the wordpress.org repository that can be downloaded from
   within wp-admin basically do all of what is listed on that codex page and then
   some without having to know about web server configurations.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [Security Plugins](https://wordpress.org/support/topic/security-plugins-11/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/security-plugins-11/#post-6669449)
 * iThemes security is a good go-to plugin for overall security. [https://wordpress.org/plugins/better-wp-security/](https://wordpress.org/plugins/better-wp-security/)
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [Wordfence Security This file may contain malicious executable code](https://wordpress.org/support/topic/wordfence-security-this-file-may-contain-malicious-executable-code/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/wordfence-security-this-file-may-contain-malicious-executable-code/#post-6659694)
 * I would ask your hosting company if there is a scan that can be used to check
   for malware.
 * One of your plugins either uses this bad practice of running eval on base64 encoded
   code or your site has been compromised. many “premium” plugin authors use eval(
   base64_decode(“obfuscated code here”)) in order to hide the code of the plugin.
   This is generally a violation of the GPL and you should avoid using plugins that
   use this method.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [Wordfence Security This file may contain malicious executable code](https://wordpress.org/support/topic/wordfence-security-this-file-may-contain-malicious-executable-code/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 6 months ago](https://wordpress.org/support/topic/wordfence-security-this-file-may-contain-malicious-executable-code/#post-6659652)
 * yes, delete this file, it is in the cache directory so nothing will break.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Jetpack] "IP has been flagged for potential security violations" but not my IP](https://wordpress.org/support/topic/jetpack-ip-has-been-flagged-for-potential-security-violations-but-not-my-ip/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/jetpack-ip-has-been-flagged-for-potential-security-violations-but-not-my-ip/#post-6635001)
 * You may want to explicitly block the IP address that is causing this issue.
 * You could add the following into your .htaccess file to prevent that ip from 
   even accessing your site.
 *     ```
       Order Deny,Allow
       Deny from x.x.x.x
       ```
   
 * you mentioned supercacher earlier, are you by chance hosted by SiteGround? It
   is possible that the ip showing is the memcached or varnish cache server.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Jetpack] "IP has been flagged for potential security violations" but not my IP](https://wordpress.org/support/topic/jetpack-ip-has-been-flagged-for-potential-security-violations-but-not-my-ip/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/jetpack-ip-has-been-flagged-for-potential-security-violations-but-not-my-ip/#post-6634923)
 * Hello,
 * This can happen if you are using a full page cache in WordPress such as W3 Total
   Cache or WP Super Cache or possibly a CDN or Varnish-like cache. Clear all types
   of cache and see if the message persists.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [security – username is discovered by bot](https://wordpress.org/support/topic/security-username-is-discovered-by-bot/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 7 months ago](https://wordpress.org/support/topic/security-username-is-discovered-by-bot/#post-6618768)
 * If you would like to add a layer of security look into a two-factor authentication
   system like Duo or clef.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] How can I know the passwords used by Brute Force Attack ?](https://wordpress.org/support/topic/how-can-i-know-the-passwords-used-by-brute-force-attack/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/how-can-i-know-the-passwords-used-by-brute-force-attack/#post-6525204)
 * Hello Kreeger,
 * iThemes Security should not store the passwords used to log in. This would be
   a security concern in itself if the plain text passwords used on the site were
   stored in the database.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [itheme security Hide Backend Setting](https://wordpress.org/support/topic/itheme-security-hide-backend-setting/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/itheme-security-hide-backend-setting/#post-6506244)
 * Any slug for the login will work to prevent a “blind” bot from brute-force attacking
   your site.
 * It will not; however, prevent a bot with some intelligence behind it from finding
   your new login page.
 * To further prevent bots from using resources by hitting the new 404 page, make
   sure that the 404 page is static and does not use the database.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [Are security plugins really necessary?](https://wordpress.org/support/topic/are-security-plugins-really-necessary/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [10 years, 9 months ago](https://wordpress.org/support/topic/are-security-plugins-really-necessary/#post-6442662)
 * Security plugins certainly make it much easier to secure your site; however, 
   most of what you need to secure your site can be found in the WordPress Codex
   on [Hardening WordPress](http://codex.wordpress.org/Hardening_WordPress).
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [iThemes security login page URL](https://wordpress.org/support/topic/ithemes-security-login-page-url/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [11 years, 2 months ago](https://wordpress.org/support/topic/ithemes-security-login-page-url/#post-5794208)
 * Hi Vishy,
 * I like to use the wp-cli for these problems. If you have the wp-cli installed,
   you can do a simple command line
    `wp eval 'echo wp_login_url()."\n";'`
 * or
 * you can make a file called wheresmylogin.php in your root wordpress directory
   with the following code in it:
 *     ```
       <?php
   
       include 'wp-load.php';
       echo wp_login_url();
   
       ?>
       ```
   
 *   Forum: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
   
   In reply to: [WordPress security question](https://wordpress.org/support/topic/wordpress-security-question/)
 *  [A2BCool](https://wordpress.org/support/users/a2bcool/)
 * (@a2bcool)
 * [11 years, 6 months ago](https://wordpress.org/support/topic/wordpress-security-question/#post-5421350)
 * The pattern of page visits in your logs appears to be a manual login and edit
   of each of those files. Note that each step that a person would have to take 
   to get to the file editor was taken. A bot would have logged in and posted directly
   to /wp-admin/theme-editor.php
 * Check to see if there is a new administrator user on the site and look in your
   plugins and themes folders for any unused or outdated plugins and/or themes.
 * The fact that there were not large numbers of attempts to POST to wp-login.php
   means that the user that did this has a username and password. if you have backups
   of your site, I would use one before [20/Oct/2014:07:38:11 +0400] and update 
   all plugins and themes.

Viewing 15 replies - 1 through 15 (of 15 total)