beardedginger
Forum Replies Created
-
Hi,
If you are unable to log in you can add the code below into the wp-config.php file anywhere as long as it is between the first line ( <?php ) and the line that says / That’s all, stop editing. Happy Blogging / to temporarily disable all features so you can log in.
define('ITSEC_DISABLE_MODULES', true);Once you are logged back in go to Security> Settings> Local Brute Force Detection and check how stringent the lockout settings are.
Thanks,
Matt
Hi,
Can you please post the full denial message or screenshot of the error upon login?
Thanks,
Matt
Hi,
I am sorry to hear about the confusion. The link below is an article describing more about lockouts below.
https://ithemes.com/ithemes-security-pro-lockouts-guide/
Thanks,
Matt
Hi,
That sounds like there may have been a recent update/change that could have caused a conflict. You can check for a conflict by deactivating all other plugins and see if that helps. If it does help, then reactivate the plugins one at a time to find the culprit(s), if any.
You could also test by checking for a theme conflict by switching to a default WordPress theme.
You may also install the Health Check plugin to help determine the cause of the issue.
https://wordpress.org/plugins/health-check/
Thanks,
Matt
Hi,
The suggestion above could certainly be the cause of a huge file change detection and you should look through the logs to see the last time the logs ran. If the changes made are from an update there is no cause for concern.
Each file that changes at all is logged. For my own sites, I scan the list and look for anything out of place; I expect changes in backups, caching, updated plugins, etc.
If I see a change for something that I personally didn’t update or have set to run automatically, that’s when I look at the file and start tracking down issues.
If your malware scan is coming up clear, that is another good indication that the changes you are seeing are part of the routine backgrounds in a WordPress site
You can exclude files and directories in the File Change Detection settings on the Settings page. The general rule is it’s okay to exclude ones that you know are going to be regularly updating. Backup and cache files are a perfect example of this. Doing so will calm a lot of the extra noise.
The plugin will only inform you of changes made (if modules are enabled) but it does not have the capability to inform you of any issues in regards to those changes.
Hi,
You will need to have the site scaped and cleaned. It is worth mentioning that if there is already an issue on the site, installing a security plugin will typically not be as helpful as having the site cleaned and then installing a security plugin to prevent future attacks.
Sucuri.net
SiteLock also offers a Secure Starter monthly plan for $29.99 that is for “informational websites with an existing security issue.” I also found that Sitegaurding.com has a couple of different options for malware removal.
https://www.sitelock.com/pricing#features
https://www.siteguarding.com/en/services/malware-removal-service
Thanks,
Matt
Hi,
The Hide Backend module will allow you to redirect any user attempting to access the Dashboard Login to a ‘Page Not Found’ but there is not a way to redirect to the home page via a login slug. If you have a timeframe that you would prefer the dashboard to be inaccessible you can use the Away Mode feature, that module will allow you to disable access to the WordPress Dashboard on a schedule forcing users to the homepage.
Thanks,
Matt
Hi,
If you upgrade to the most current version of Security Pro (6.5.1) does it resolve the issue?
Thanks,
Matt
Hi,
Thank you for bringing this to our attention. I have filed a report with the developers concerning this issue.
Thanks,
Matt
Hi,
Thank you for calling attention to this. In the future, can you try using the Settings Import and Export module to see if that helps the transition?
Thanks,
Matt
Hi,
I just wanted to let you know this is a known issue and will be fixed in the next release.
Thanks,
Matt
Hi,
You can add the code below into the wp-config.php file anywhere as long as it is between the first line ( <?php ) and the line that says / That’s all, stop editing. Happy Blogging / .
define(‘ITSEC_DISABLE_MODULES’, true);
That will disable all of Security’s features allowing you to log in.
Thanks,
Matt
Hi,
Thank you for bringing this to our attention! I will speak with the developers about this issue and get back to you when I have more information.
Thanks,
Matt
Hi,
Если это произойдет снова, вы можете добавить приведенный ниже код в файл wp-config.php в любом месте, если оно находится между первой строкой (<? Php) и строкой с надписью / Вот и все, прекратите редактирование. Happy Blogging / временно отключить все функции, чтобы вы могли войти.
define (‘ITSEC_DISABLE_MODULES’, true);
Благодарность,
Matt
Hi,
If you set the days to keep logs to 1, does it remove the log entries after a 24 hour period?
Thanks,
Matt