how to make away mode permanent and disable when I need to?

@madivad

A well described topic deserves a proper solution … this is just one option of several …

First of all you should select Type of Restriction -> “One Time” because there is a known bug in “Daily”.
Then enter an End Date far into the future …
This way Away Mode will be active continuously.

To deactivate\activate Away Mode, temporarily rename the wp-content/uploads/ithemes-security/itsec_away.confg file.

Untested but theoretically this should work.

If the info provided above answers your question please confirm the solution and then mark this topic as ‘resolved’.

dwinden

@madivad

If you require no further assistance with this topic please mark it as ‘resolved’.

dwinden

Sorry, I haven’t had a chance to test this. I’m currently migrating servers, I’ll let you know as this is a feature I’m very interested in.

@madivad

Ok, no worries.

dwinden

Ok, tried it tonight and since I was in an IDE with FTP, I opened the file and looked at the contents. A word to anyone else thinking of doing this, it doesn’t work. ??

Either rename the file (as suggested by @dwinden) or delete it. Since from what i can gather, it only gets deleted anyway once away mode is off (if I’m not mistaken—which at this late hour is possible :P)

Thanks @dwinden for your reply and patience.

I thought I would add:

I would LOVE to see a feature whereby (mostly multisite related):

• away mode could be per site
• away mode could be triggered as the last admin for each site logs off
• away mode for all sites could be triggered when super admin logs off
• fixed IP addresses for users (notwithstanding the fact that some people use mobile devices or have a dynamic IP address assigned at home, in the case where a site would have power users who only log in from fixed locations or remotely through vpns to a fixed location, some IP option could be handy)
• a log entry after X filed attempts at logging in to denote whether that IP address actually got in or not. Personally, everytime someone logs in from a new IP address, I want to know about it, possibly even have some form of geolocation worked in with that
• possibly an error from another plugin (or not) but the link to the log file from the malware test section in the settings area gives me a permission error, but going directly to the log works
• tonight for the first time (since installing this a week ago) I was getting hit from multiple IP addresses simultaneously and once they failed on one site they went to one of the others in the network. It would be good to enter a “panic room” mode where all user logins are denied for a fixed/editable period. Since my site is more a personal blog, it won’t affect anyone, I’m mainly the only user.
• further to “panic room” mode, possibly enhance the away mode to allow users INSIDE the backend to remain there (if at all possible). Or allow only certain users access yet leave the away mode activated

Maybe the away mode triggers something that just doesn’t allow anyone in, if that’s the case, then I understand it wouldn’t be possible to let anyone in. But if it’s possible to only le one IP in for a period, that could be of great security benefit ??

Time to shutup now. Sorry guys ??

@madivad

• away mode could be per site

The iTSec plugin is a multisite ‘network plugin’ type only.

• possibly an error from another plugin (or not) but the link to the log file from the malware test section in the settings area gives me a permission error, but going directly to the log works

Bug, the link is invalid for multisite.

Feature requests can be submitted here.

dwinden

Ahhh, I’d followed https://ithemes.com/contributing-to-ithemes-security/ which takes you to a page that is sorely lacking content ??

I actually determined the correct link and (from memory) it was as simple as adding another folder to the path which could/should be detected as being a part of multisite.

Anyway, will look more closely at trello