dwinden
Forum Replies Created
-
Two other things to check.
Does the issue reproduce when temporarily switching to the default English (United-States) WordPress language ?
Are there any errors in the web server error_log ?
dwinden
Like in one WP env Dutch and French in another WP env ?
(I guess you must be Belgian …)Is the text as displayed in the Dashboard tab of the iTSec plugin also in Dutch or French ?
What files exist in the wp-content/languages/plugins/better-wp-security folder ? If that folder exists at all …Has this ever worked correctly ?
If so did the issue start after upgrading to a certain iTSec plugin release ?dwinden
Check the web server error_log to see how “they” tried to login.
If XMLRPC is not disabled then there is a good chance it was an XMLRPC brute force attack. The web server error_log should tell you.dwinden
@anatoli Stancioff
Have you tried from different browsers ?
Are you using Apache Web Server ?
dwinden
Thank you for that clarification. Apparently it was necessary …
I guess putting that clarification in your first post would have contributed to a better understanding of this topic …Also instead of using the 2-words-only topic title “Bad backups” it would have been better to use something like:
Feature request: Add create DB info to Database Backup
Anyway I guess I’m the idiot and you’re perfect 😉
dwinden
The iTSec plugin Database Backup feature does not add a “create database …” statement to the backup file.
It only adds the following 3 types of statements to the backup file:- DROP TABLE IF EXISTS …
- CREATE TABLE …
- INSERT INTO …
So on restore you would normally need to create the database yourself and then import the database backup file into that database.
dwinden
Yep, wrong time zone is a known contributing factor.
Nice to hear you’re back in control 😉dwinden
Often people forget about Away Mode.
If enabled the iTSec plugin Away Mode feature will redirect users to the homepage when attempting to access the WordPress Dashboard.To workaround it manually delete the wp-content/uploads/ithemes-security/itsec_away.confg file or wait for the Away Mode time period to expire.
dwinden
It seems like something went wrong with your new topic.
Looks like the topic cannot be updated.You might try and tag it with “modlook” in order to draw the attention of a moderator. Hopefully they will be able to help.
dwinden
@nes – Native English Services
Enable the Hide security menu in admin bar setting in the Global Settings section (scroll to the last setting) of the iTSec plugin Settings page. Then click on the Save All Changes button.
If the above info answers your question please mark this topic as ‘resolved’.
dwinden
Copy\paste the file changes part into a new topic and I’ll be more than happy to respond to it there.
I guess this topic can be marked as ‘resolved’.
dwinden
Seems like your question got answered. If so please mark this topic as ‘resolved’.
dwinden
Can you update to the iTSec 5.3.7 release and confirm whether this issue is fixed ?
According to the 5.3.7 Changelog:
Bug Fix: Throw a real 403 instead of a faked 404 for hide backend – Fixes compatability with certain plugins including WordPress SEO. Hat tip to Joost de Valk (@jdevalk) and the @yoast team for bringing this issue to our attention.
dwinden
Enable the Remove File Writing Permissions
setting in the System Tweaks section on the iTSec plugin Settings page.444 = r–,r–,r– (user,group,world)
644 = rw-,r–,r– (user,group,world)
r = read
w = write
x = executeFor more info on file permissions read this.
dwinden
Personally I don’t worry at all about database growth.
By default logs are only kept for 14 days and it is configurable as well.When installed the iTSec plugin creates a WP cron job that will regularly purge any older (default 14 days) log entries.
Also when the plugin is properly configured log entries added are minimal.
Many many many log entries added in a short period of time is a typical symptom of the plugin not properly configured…dwinden