dwinden
Forum Replies Created
-
Is this happening while using the iTSec plugin 5.5.0 release ?
I’m particularly asking about the plugin release you are using because as of the 5.4.x (or higher) release your IP is automatically whitelisted …
dwinden
@serge Pameur
Remove the manage_options capability from the Editor role.
Note by default the Editor role does not have the manage_options capability.
dwinden
Are you able to access:
http://content.example.com/plugins/better-wp-security/lib/icon-fonts/icon-fonts.css
And what happens when you temporarily comment the WP_CONTENT_DIR line in wp-config.php file like this:
//define( 'WP_CONTENT_DIR', dirname(__FILE__) . '/content' );dwinden
According to the 5.5.0 Changelog:
New Feature: Added a new File Permissions section on the settings page to bring back the directory and file permissions listing feature found on the Security > Dashboard page of older plugin versions.
As this is no longer an issue please mark this topic as ‘resolved’.
dwinden
According to the 5.5.0 Changelog:
New Feature: Added a new File Permissions section on the settings page to bring back the directory and file permissions listing feature found on the Security > Dashboard page of older plugin versions.
As this is no longer an issue please mark this topic as ‘resolved’.
dwinden
This is done automatically in the iTSec plugin.
The only thing you can do is override the default IP detection behavior which is NOT what you want.
If the Override Proxy Detection setting in the Global Settings is currently ticked UNtick it.
dwinden
With all due respect, you THINK your secret login slug is being accessed.
But there are other ways of doing WordPress login attempts, like using XMLRPC. Is XML-RPC currently disabled under the WordPress Tweaks module ?
You HAVE to determin the login attempts method.
Otherwise you’re just guessing and you’ll never find a solution.
Contact your hosting provider and ask them to help you look at the server log file(s).
dwinden
Do you actually see in the server log files that your secret backend slug is being accessed repeatedly ?
Is your site offering a login link on the homepage that exposes your hidden backend slug ?
dwinden
Never mind. It seems the Firefox update to version 47.0 did the trick in my case.
@christian
Read this and remember Google is your best friend 😉dwinden
Hey Gerroald,
Does this feature actually work for you ?
dwinden
Correction: Manually editing the theme_compat_slug setting in the database does work.
Previously I made a stupid mistake while editing which broke the Hide Backend functionality.
Use phpMyAdmin and look for the itsec-storage option in the wp_options table.
Search for and change:
s:17:”theme_compat_slug”;s:9:”not_found”;
into:
s:17:”theme_compat_slug”;s:0:””;
dwinden
Fully agree with you. The new 5.4.x UI breaks a LOT of things …
It will probably take a while before all these bugs get fixed again.My advise: downgrade to the 5.3.7 release and come back for reevaluation in 6 months.
dwinden
The “Add InfiniteWP Compatibility” setting still exists under the Global Settings. It’s normally positioned between the “Path to Log Files” and “Allow Data Tracking” settings.
However it will only be visible when the wp-content/plugins/iwp-client folder exists !
So most settings are in their usual spot. This is just a tricky one.
Perhaps the Video Walk-through on this page is usefull to you.
(Though you won’t find the InfiniteWP info I just provided there).dwinden
Ah right, I tested while using the 5.3.7 release.
So I just tested again in 5.4.5 and indeed it does no longer work.
Even tried to manually empty the settings value as stored in the database but I’m sorry to say it simply does not work anymore 🙁dwinden