• I know this has been covered before, however I didn’t see it on the first two pages, I’ve invested enough time already trying to resolve this, perhaps there can be a definitive way to remedy this ongoing issue.

    With all due respect to the product and it’s developers, the constant lock-outs at the wp-admin screen sign in is becoming redundant. I would prefer to get directly into my site and start working instead of having to waste 10-15 mins trying to resolve my own lock out status.

    My only knowledge at this point is to rename the ‘better-wp-security’, go into the Myphpadmin panel and empty the three itsec tables. This has worked thus far, however today is another story. I’ve cleared cookies, cleared caches, etc. However when I go back and rename the folder I’m locked out again, only able to gain access when I de-activate the plug-in.

    With all of the frequent updates, this problem doesn’t seem to be addressed, I’m not anticipating improvement at this point. I would like to continue to use this plug-in, however the extra work and inconvenience is becoming to much of an issue.

    Is there a cure or resolve to this?

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 8 replies - 1 through 8 (of 8 total)
  • Maybe, What you can do, is to white list your IP putting it in:
    the plugin settings > Global Settings > Lockout White List

    i hope this will work for you,

    best regards

    L

    Thread Starter terrace_29

    (@terrace_29)

    Thanks Lomars, I’ll give it a try

    Thread Starter terrace_29

    (@terrace_29)

    I’ve got to tell you, this plugin is becoming more hassle than it’s worth. I can appreciate tight security, but for some reason, and even though the plugin is updated like every other day, it’s so tight it’s getting too difficult just to work my sites.

    Getting lock out notifications through e-mail even though I’m not being locked out. White listing where I can, but why is the system sending me lock out notifications that aren’t happening?

    The whole permission issue when trying to upload the ‘featured image’ would have me pulling my hair out if I had any hair left to pull out, instead I”m banging my head against the wall. I change the permissions, still can’t upload the ‘feature image’, so frustrating and a big time time waster.

    There other security plugins available, I’m one frustrating encounter away from deleting ‘iThemes Security’ from all my sites and getting on with my life in a less stress filled environment.

    Are the authors taking into account the issues related to this script, are any actions being taken to have a plugin that works for us and not against us?

    to terrace_29:
    I agree with you.
    If you have a good alternative, my are open to read about it…

    I am constantly receiving emails, approx 50-75 per day saying I am being denied access for too many bad login attempts. Me, the admin. I can still log in because I had white listed my IP – but what is going on? I have no idea how to diagnose the problem.

    Thread Starter terrace_29

    (@terrace_29)

    I am constantly receiving emails, approx 50-75 per day saying I am being denied access for too many bad login attempts. Me, the admin. I can still log in because I had white listed my IP – but what is going on? I have no idea how to diagnose the problem.

    The bots are scanning the usernames, culling them from the posts.

    The expiration feature is counter productive in my opinion, having to log back in and being locked out is even more annoying and time consuming.

    One cure would be to add a capcha in the login screen, or a second security or password code. Rather than simply blocking the usernames, ’cause that ain’t working.

    Each time I locked out I have to flush the itsec files in phpadmin, then delete the history and cookies and sometimes flush the dns.

    It’s a lot of work just to get into your own site. Given that this script is updated every other day, I don’t understand why the writers aren’t addressing this.

    Thanks terrace! Since I am admittedly scared to get inside the phpmyadmin files I created a new admin, deleted the old and for now the notifications have stopped. Since my site is not a blog – I have no posts at all – just 5 static pages with one user (me) I don’t mind creating a new user. I agree with you I think it’s kind of ridiculous to go through all this just to get into your own site, and there doesn’t seem to be much support, at least for the free version. If I start getting the notifications again I will look for another security plugin.

    Thread Starter terrace_29

    (@terrace_29)

    I always have two Admin user names across all my sites, you were wise to set up a new one, you can always use a different username to write posts with even though you are logged in with a different username.

    I’m getting slammed on one of my sites where they’re hitting both usernames, I’m quickly going to opt for setting up a third user or just switch plugins.

    Again, one ideal solution would be to set up a captcha or second ID code, there’s no reason the owner needs to be constantly locked out.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Continual Site Lock-Out For Admin’ is closed to new replies.