wp simple firewall conflicts with all-in-one security?

Hi Michael,

Honestly, I wouldn’t advise using 2x WordPress security plugins… that’s why that code is there. It is, admittedly, older code I used to prevent conflicts, and I should probably update it with a warning message.

That said though, your best bet is to pick one and stick with it.

What is it in the All in One plugin that you don’t get with the Simple Firewall?

Thanks,
Paul.

Hi,
The main thing I was using it for was protection of the lost password form. Apparently wp simple firewall doesn’t have a checkbox put on the lost password form (which I’m sure would be simple to add, though).
And honestly I’m running more than just wp simple firewall and all-in-one security together haha. Mainly because each plugin does things better than the other.
For example I’m running iThemes security pro (partly because I bought the student developer package from iThemes, so it just seems like a waste to not use it, but also because of the iThemes brute force protection network and 2-factor authentication using google authenticator), and also wordfence, because it seems to do the best at protecting my site from vulnerabilities in plugins (not that any of my plugins are out of date, but just when bots are scanning for vulnerable URLs it will block them). So far no conflicts, except for the wp simple firewall and all-in-one security — which I won’t even need if you can add the lost password checkbox ;-).
Oh and there was an issue once where wordfence was sending me a 2-factor auth code via text, then I had to enter my password along with the code in another form that popped up, and iThemes security really freaked out and banned me on sight. But that’s why I’ve switched to using iThemes for my 2FA.
Thanks,
-Michael.

Hi Michael,

I just did the bit to add GASP to the register form, so it shouldn’t take much effort I’d say to extend it to the lost password form too. I’ll take a look.

Have you tried the 2FA that comes with the Simple Firewall? For it to work, you need email working on your site because if you can’t receive email, you can’t login ?? Seems like quite a lot of extra stuff there simply for the purposes of 2FA.

Anyways, I’ll take a look at the lost password form sure. Thanks for the suggestion.
Paul.

Hi,
I haven’t tried 2FA, mainly because I prefer the way iThemes security pro does it, where you have to have access to your phone and an app on there to get a code. While it’s a bit more risky — if you lose your phone you’re a bit screwed (though not in my case as I can access the database myself), but it’s definitely more secure — no brute forcing of my email account, or redirecting of emails in any way.
-Michael.

Hi Michael,

I’ve just released v4.5.1 which has also now added GASP to the lost password form.

Cheers!
Paul.

Hi Paul!

I am using the Simple Firewall 4.7.1 and first of all let me say that I am very happy with it, it seems to work super reliable. Anyway I am having a problem with contact form 7, V. 4.1.2. Whenever trying to send a form while the Firewall is activated I receive an error message “Failed to send your message. Please try later or contact the administrator by another method.” It works fine if I switch off the firewall. For sure this seems to be a settings issue, but I cannot locate the reason. Could you please assist me?

Thank you in advance!
René

It is likely something being blocked by the Firewall feature… does the block not show up in the Audit Trail?

If not, to find it, disable the Firewall sub-feature and try again. If it works, then re-enable the sub-feature and then turn off all the blocks that are currently set. Enable each one in turn and try to submit the contact form.

One of them will block it and you just have to find which one.

Hope that helps.
Paul.

Thank you Paul, it showed up in the audit trail. I had to deactivate “Block WordPress Specific Terms) as I am using the wp_mail function. I will look for an alternative to wp_mail and activate this feature afterwards.

Great product! Great support! Five stars! And a donation – but where, how?

Kind regards,
René

Hi René,

Thank you for the 5* review! ??

Not looking for donations, all I would ask for is that you spread the word of the plugin and us, and when people are looking for security for their WordPress, or they manage several websites, you mention us on discussions and forums. Spread the word… that’s all the donation we can ask for! ??

Thanks!
Paul.