Gerroald
Forum Replies Created
-
Hi,
This is a known bug and will be addressed in a near future release.
Thanks,
Gerroald
Hey Shannon,
You can ask your host to increase your PHP max execution time and see if that helps. They won’t have to wait longer than 30 seconds (or even 30 seconds) for the page to load. This is for PHP processes to run, not page load time.
If this doesn’t help I’d suggest disabling the File Change Detection feature for now.
Thanks,
Gerroald
Hey Michael,
Lets try to narrow this down. Test disabling the features below and see if that helps.
Hide Backend
Suspicious Query Strings
Long URLs
Thanks,
Gerroald
Hi,
Unfortunately there’s only so much you can do to protect against an something attacking. But there’s plenty you can do to prevent them from getting in. And it sounds like that’s what security is doing.
Thanks,
Gerroald
Hi,
I see how the wording can be misleading. I’ll work on getting it fixed.
They have to meet your lockout criteria to be written to the .htaccess. Alternatively you can manually ban them as well.
Thanks,
Gerroald
Hi,
There are many reasons it could be happening. For example they could be hitting 404s or their usernames could be being in brute force attacks. The logs should shed some light.
Thanks,
Gerroald
Hey Matthias,
I’d suggest not using the Default Blacklist if it is indeed the exact same issue. The list is currently slated for some upgrades and should be more efficient soon.
Thanks,
Gerroald
Hey Roman,
I’m not seeing the same here. Can you please provide more information?
Thanks,
Gerroald
Hi,
I’d suggest creating a new user, transfer all content to it and delete the old one. If you can’t access your site to do this, then deactivate the plugin via FTP by renaming it’s directory to something like ithemes-security-pro.bak. Once you’re in and made the adjustments you can rename it back to reactivate it.
Thanks,
Gerroald
Hi,
It seems they may be triggering a permanent Ban somehow. You can remove their IPs from the .htaccess. Then I’d keep an eye on your logs to see why they’re getting locked out.
Thanks,
Gerroald
Hey Boas,
You issue is with the User Access Manager plugin. Basically once you force the https you change the actual URL. The User Access Manager plugin is looking for the http URL that it’s previously stored to serve it. There isn’t anything we can do from our end, but you do have two options.
1) Contact the developers and see if they can account for the URL change.
2) With SSL/https active re-upload all images. This way it’s looking for the correct URL.
Thanks,
Gerroald
Hey John,
If you disable the Default Blacklist that should do the trick. The conflict is with the HTTP Referrer Blocking portion listed below. I’m going to need to dig in deeper to find out why, but I thought I’d let you know so you can reactivate the plugin.
# Start Abuse HTTP Referrer Blocking RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?semalt\.com" [NC,OR] RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?kambasoft\.com" [NC,OR] RewriteCond %{HTTP_REFERER} "^https?://(?:[^/]+\.)?savetubevideo\.com" [NC] # End Abuse HTTP Referrer Blocking RewriteRule ^.* - [F,L]Thanks,
Gerroald
Hi,
If you’re having problems getting receiving emails from WordPress this is likely going to be a server configuration issue. You might check again with your host to make sure the PHP mail() function is enabled. Be sure to let them know you’re having problems receiving emails from your WordPress site.
Thanks,
Gerroald
Hi,
Is the IP added to the Ban Users list? If not, can you add it and see if that helps?
If it is added can you see if it’s written to your .htaccess?
As for the emails, can you ask your host for your email error logs?
Thanks,
Gerroald
Hi,
Can you try switching to a WordPress default like Twenty Fifteen and see if that helps?
@phil – Does deactivating the s2Member plugin resolve this?
Thanks,
Gerroald