dwinden
Forum Replies Created
Based on your response it looks like you don’t have any File Changes Detected entries/records displayed in the Logs page.
If you select File Change History from the Select Filter: dropdown listbox at the top of the Logs report 0 records will probably be displayed in the Logs page.
I think you are suffering from a database issue which prevents any iTSec plugin File Change Detection log records from being saved in your database. I’ve seen this issue before.
Check your web server error_log file for any errors.
dwinden
Please clarify.
You do not have any File Changes Detected entries in the main Logs page ?
Or File Changes Detected entries exist but the Details link is showing no Added, Removed, Changed values ?
dwinden
@travis Pflanz
Thank you for repeating what I already stated in my earlier post …
The same post also mentioned that for any issue(s) with the iTSec Pro plugin reCAPTCHA feature one should open a support ticket with iThemes here.
That said I would personally be interested in any additional information resulting from debugging the issue.
dwinden
Based on this message I see absolutely no reason to get worried.
This is a really good example of jumping too fast to wrong conclusions.
The message does not identify exactly how the website got hacked.
(It only says “… attack through a security leak in your WordPress software”).
It could be due to ANY vulnerable plugin or even a vulnerability in WordPress core or anything else …
Based on the 4.4.2 WordPress version specified for this topic, 2 months later, we now know it contained some serious vulnerabilities which were fixed in WordPress 4.4.3 and 4.5.2.
The simple fact that there is a malicious file detected in the uploads/ithemes-security/backups/ folder does not mean that “the iThemes plugin is hacked”. The exact location of a malicious file says absolutely nothing about how the website got hacked.
The iThemes Security plugin is a preventive plugin. But even when properly configured a stupid mistake by the website owner/administrator or a WordPress core vulnerability may get it hacked. Once hacked the only way the iThemes Security plugin will be able to detect that is with the File Change Detection feature.
Using the iThemes Security plugin or any security plugin does not mean your website cannot get hacked. There is also some common sense involved as a website owner/administrator.
Furthermore why was this topic posted in the iThemes Security plugin forum but not in the BulletProof Security plugin forum ?
After a quick look in the BulletProof Security forum I did find this 2 months old topic.
Read it and it will put things in a different perspective.
As we are 2 months further since this topic was posted perhaps the topic owner (obertscloud) could give us an update on the situation ?
Anyway I think this topic should be marked as ‘resolved’.
dwinden
Ok, but the iTSec plugin text in all tabs is now displayed in English.
I think the WPML plugin is for some reason dynamically translating the iTSec plugin “Security” menu option into “Sécurité”.
Do you have the “WPML String Translation” addon installed ?
dwinden
Thank you for your feedback.
Just to make sure your solution is clear for the community please confirm:
- you are running WordPress Dashboard 4.5.2 in French language
- you are using the latest French iTSec plugin (5.3.7) translation files with the necessary workaround included/applied to make the iTSec plugin translation work*
- you have set the WPML plugin language in WordPress Dashboard to English
(*The workaround is to NOT translate the “Security” string (or always translate it to “Security”) in the iTSec plugin translation files).
Restored my post after noticing confirmation from caral43.
dwinden
No worries, I had a feeling you needed some direction/guidance
As this is no longer an issue please mark this topic as ‘resolved’.
dwinden
Actually it is related to the iTSec plugin. But it’s related to a different setting (System Tweaks -> System Files) which is not relevant for this topic.
Try my other ideas.
dwinden
Underneath the Disable Extra User Archives setting it says:
This makes it harder for bots to determine usernames by disabling post archives for users that don’t post to your site.
dwinden
Could it be the author chris-priest has 0 posts and the Disable Extra User Archives (Disables a user’s author page if their post count is 0.) setting in the WordPress Tweaks section of the iTSec plugin Settings page is enabled ?
I noticed the author page does work for other authors …
dwinden
File Change Detection (FCD) works fine in both WordPress 4.4.2 and 4.5.2.
So it looks like it is a FCD specific issue IN YOUR ENV.
Check your web server error_log for any errors.
Post the data from any available FCD entries from the Logs page (Select Filter: –> File Change History).
Try and enable the Split File Scanning setting (if not already).
dwinden
Ok, in that case I think it is best to contact hostgator and ask them to remove the file mentioned in my earlier post for you (if it exists).
As to preventing the lockout you should permanently whitelist your IP address in the Global Settings section on the iTSec plugin Settings page once you get back in. And disable the Away Mode feature…
Are you sure you are trying to login with the correct credentials ?
It sounds like it’s been a while since you actually logged in.
If unsure reset your password by clicking on the Lost your password? link on the WordPress Dashboard login page.
Hope this helps.
dwinden
Are you running WordPress in French language ?
If so, your issue was caused by an incorrect iTSec plugin French translation on translate.wordpress.org.
As a result of updating the French translation on May 12 by fxbenard on translate.wordpress.org the issue was fixed.
If you require no further assistance please mark this topic as ‘resolved’.
dwinden