dwinden
Forum Replies Created
-
If the video indeed answers all of your questions please mark this topic as ‘resolved’.
dwinden
Watch and learn from the iThemes Security Hide Login Setting Overview video.
Do note that this is a pretty old video (+2 years). The presenter is Chris Wiegman the original developer of the (former Better WP Security) and iTSec plugin. Unfortunately he left iThemes in Feb 2015.
Anyway I do think this video will answer your questions.dwinden
So as far as I see. using ITS to protect my site works, ( somewhat) but I should be able to make 1 small change and give access to ONE folder. But no.
Yes, you can. But don’t look for a solution in the iTSec plugin.
You’ve learned which 2 iTSec plugin settings affect file/folder access and
now you only need to shift your attention towards webserver config.
Using an extra .htaccess file with proper content in the folder you want to give access to should do the trick.If you can’t get it to work on your hosting env don’t give up and contact your hosting provider. If they can’t assist you with such a basic web server task look out for a different hosting provider.
Oh and spending some of my time in this forum helps me learn new things. It doesn’t necessarily mean I like the plugin in its current form …
That said this security plugin does seem to have some potential. It just needs some extra effort to iron out a shit load of bugs …
Don’t forget about the other topic … 😉
dwinden
And the other topic ?
I tested my solution and it works in my test env …
Anyway it not an iTSec plugin issue but a standard web server access configuration issue.
I think I’ve been pretty helpful pointing out the iTSec plugin settings that you should be aware of.If I tick the tick out of Disable Directory Browsing then every folder that does not automatically have a index.php file in it can be viewed
You need to tick the Disable Directory Browsing setting. Not untick.
I guess we are both not good readers … 😉Ok, so according to you I’m trying to make the iTSec plugin look good …
Well actually the iTSec plugin is crap. It does NOT protect your website. I would NEVER EVER use it on a live website … and iThemes sucks. So how does that sound ?dwinden
Disabling the Schedule Database Backups setting alone should help get rid of this nasty issue once and for all.
The issue is related to database size and available RAM to complete the database backup.
dwinden
Is the Schedule Database Backups setting in the Database Backups section of the Settings page currently enabled ?
dwinden
Yes I disabled the whole plugin.
But have found that if I untick the Disable Directory Browsing then I can see the particular directory I am wanting to see.
However I can see EVERY other directory ( that doesnt have an index.php file) also which I dont want..Ok, so unticking the iTSec plugin Disable Directory Browsing setting turns out to be the answer to the question you initially opened this topic for. Right ?
So that answer/solution warrants this topic to be marked as ‘resolved’. Right ?However when the Disable Directory Browsing setting is unticked you can see EVERY other directory ( that doesnt have an index.php file) also (which I think is another issue).
Apparently your Apache web server main configuration file includes by default:
Options Indexes
Which is weird because it is not a secure thing to do.
Anyway this has nothing to do with the iTSec plugin.To get what you want you’ll probably need to:
– Enable the iTSec plugin Disable Directory Browsing setting.
– And manually create a .htaccess file in the single folder you want to give access to and include the following line:Options +Indexes
I tested the above and it works fine.
I guess if ITS dont want to help out in here then I am stuck or looking at another plugin that will allow me to do the job
iThemes could not care less …
(Note I’m not an iThemes employee …)
According to the FAQ section in the plugin readme.txt file:= Where can I get help if something goes wrong? =
* Official support for this plugin is available for iThemes Security Pro customers. Our team of experts is ready to help.Free support may be available with the help of the community in the WordPress.org support forums (Note: this is community-provided support. iThemes does not monitor the WordPress.org support forums).
So if you don’t mind please mark this (and the other older) topic as ‘resolved’.
dwinden
Ah I understand, because your hosting env is limited iThemes needs to implement your feature request … I’m such an idiot 😉
Changing the type of logging setting to “File Only” will TURN OFF logging to the database … consider it a workaround.
What are you going to do when you install a new plugin that causes the same error ?
Deal with the root cause (database account resource limit) of the issue or it will return somewhere in the future …
dwinden
The iTSec plugin does not provide one option to disable all logging.
You can only change the type of logging, “Database Only”, “File Only” or “Both”.
“File Only” could be an option to workaround any database account resource limit.Best thing to do is contact your hosting provider and ask what your options are for hosting without any database account resource limits.
If you don’t like the options that they offer consider switching to a different hosting provider.
Anyway any plugin with a lot of database interaction will increase the likelihood of running into this error on your current hosting env.
So as this is not an iTSec plugin specific issue please mark this topic as ‘resolved’.dwinden
I’m not aware of any official statement from iThemes regarding php compatibility.
Based on personal experience I can say it runs on php 5.2 to 7.0.
So yes, it runs fine on php 5.6.dwinden
Since you are not the topic starter you cannot mark it as ‘resolved’.
My previous post was addressed to the topic creator (@Pete).
But to answer your question. When you are the creator of a topic there is a checkbox ‘Resolved’ which you should tick underneath the Reply form.
dwinden