dwinden
Forum Replies Created
-
Did the iTSec plugin crash while installing it or while attempting to activate it ?
If you require no more assistance please mark this topic as ‘resolved’.
dwinden
When the iTsec plugin is removed and you have made sure the Hide Backend rewriterule is removed from the .htaccess and it is still redirecting obviously there is some other mechanism responsible for the redirect.
Have you checked for any custom code in the active theme functions.php file ?
Is there any other plugin active which includes a hide backend feature ?I noticed this URL for the Lost password link:
http://muvmag.com/wp-login.php?action=lostpassword&redirect_to=http://muvmag.com/login/
Note the redirect_to url parameter …
Anyway it looks like this is not an iTSec plugin issue.
dwinden
Did you whitelist your IP address temporarily (24h) or permanently ?
temporarily = iTSec plugin Dashboard/Settings/Logs page -> Temporarily Whitelist my IP button
permanently = iTSec plugin Settings page -> Global Settings -> Lockout White List -> Add my current IP to Whitelist buttonSo if I understand correctly it has been working fine for a while and suddenly without any obvious change this issue started.
Are you using the latest iTSec plugin release (5.2.0) ?If so you must have updated the iTSec plugin recently since 5.2.0 was released 2 weeks ago. Any chance the issue started after updating the plugin to 5.2.0 ?
Are you able to access the site (frontend\backend) from a different IP ?
dwinden
Let’s deal with the all pages showing ‘error’ issue in this topic.
Please open a seperate topic for the blank page issue.When the iTSec plugin triggers a host lockout, the ‘error’ page is displayed.
Host lockouts are caused by too many invalid login attemps from a brute force attack OR by too many 404 requests.
Brute Force Protection and 404 Detection are the plugin features controlling this behavior.So basically this is the iTSec plugin doing its work.
dwinden
Could this be related to some of the permissions set by iThemes Security?
Yes, it could be. Could be a nginx related issue as your website seems to be running on nginx.
Temporarily comment the iTSec nginx.conf include line in the nginx.conf file. And then see whether it makes any difference.
Also check whether the Banned Users HackRepair.com’s blacklist is enabled.
And check which System Tweaks and WordPress Tweaks settings are enabled.dwinden
@excel iran
Thank you for your feedback.
As this issue seems to be solved please mark this topic as ‘resolved’.
dwinden
@excel iran
Check your Apache error_log for any errors.
I noticed you specified WP 4.0.9 as WordPress version for this topic …
Please note the iTSec plugin 5.2.0 release requires at least WordPress 4.1dwinden
I’m sorry to hear about your struggle with this feature.
Did you by any chance check that the better-wp-security/core/lib/class-itsec-lib-utility.php file exists before trying to change the wp-content folder ?
I temporarily renamed that file and then tried to change the wp-content folder and this allowed me to reproduce your errors instantly …
dwinden