49jili Treasure bowl.REGISTER NOW GET FREE 888 PESOS REWARDS!

(@joietan)

Hi,
I have search and read the support forum and i still have problem with site and plugin

I have not been meddling with my site for some time.
I have installed this plugin and i dont remember what i did configure.
Now I am locked out out of wp-admin
everytime I tried to login it gives me error user/password. When I reset the password and relogin again, it direct me to 404 page

I still have my cpanel access

Is there anyone who has step by step on how to disable and get me back inside my wp-admin dashboard.

like, what files must i delete or modify from cpanel?

here are my wp-options:
bit51_bwps has

a:73:{s:14:"initial_backup";i:1;s:17:"initial_filewrite";i:1;s:10:"am_enabled";s:1:"0";s:7:"am_type";s:1:"0";s:12:"am_startdate";s:1:"1";s:10:"am_enddate";s:1:"1";s:12:"am_starttime";s:1:"1";s:10:"am_endtime";s:1:"1";s:12:"backup_email";s:1:"1";s:19:"backup_emailaddress";s:0:"";s:11:"backup_time";s:1:"1";s:15:"backup_interval";s:1:"1";s:14:"backup_enabled";s:1:"0";s:11:"backup_last";s:0:"";s:11:"backup_next";s:0:"";s:17:"backups_to_retain";s:2:"10";s:10:"bu_enabled";s:1:"0";s:10:"bu_banlist";s:0:"";s:11:"bu_banagent";s:0:"";s:12:"bu_blacklist";s:1:"0";s:10:"hb_enabled";s:1:"0";s:8:"hb_login";s:5:"login";s:11:"hb_register";s:8:"register";s:8:"hb_admin";s:5:"admin";s:6:"hb_key";s:0:"";s:10:"ll_enabled";s:1:"0";s:18:"ll_maxattemptshost";s:1:"5";s:18:"ll_maxattemptsuser";s:2:"10";s:16:"ll_checkinterval";s:1:"5";s:12:"ll_banperiod";s:2:"15";s:14:"ll_blacklistip";s:1:"1";s:23:"ll_blacklistipthreshold";s:1:"3";s:14:"ll_emailnotify";s:1:"1";s:15:"ll_emailaddress";s:0:"";s:10:"id_enabled";s:1:"0";s:14:"id_emailnotify";s:1:"1";s:16:"id_checkinterval";s:1:"5";s:12:"id_threshold";s:2:"20";s:12:"id_banperiod";s:2:"15";s:14:"id_blacklistip";s:1:"0";s:23:"id_blacklistipthreshold";s:1:"3";s:12:"id_whitelist";s:0:"";s:15:"id_emailaddress";s:0:"";s:14:"id_fileenabled";s:1:"0";s:18:"id_fileemailnotify";s:1:"1";s:19:"id_filedisplayerror";s:1:"1";s:19:"id_fileemailaddress";s:0:"";s:14:"id_specialfile";s:0:"";s:12:"id_fileincex";s:1:"1";s:16:"id_filechecktime";s:0:"";s:11:"st_ht_files";i:1;s:14:"st_ht_browsing";i:1;s:13:"st_ht_request";i:1;s:11:"st_ht_query";i:1;s:12:"st_generator";i:1;s:11:"st_manifest";i:1;s:10:"st_edituri";i:1;s:11:"st_themenot";i:1;s:12:"st_pluginnot";i:1;s:10:"st_corenot";i:1;s:17:"st_enablepassword";i:0;s:11:"st_passrole";s:13:"administrator";s:13:"st_loginerror";i:0;s:11:"st_fileperm";i:1;s:10:"st_comment";i:0;s:16:"st_randomversion";i:1;s:10:"st_longurl";i:1;s:11:"st_fileedit";i:1;s:13:"st_writefiles";i:1;s:14:"ssl_forcelogin";s:1:"0";s:14:"ssl_forceadmin";s:1:"0";s:12:"ssl_frontend";s:1:"0";s:14:"oneclickchosen";s:1:"0";}

bit51_bwps_data has
a:3:{s:7:"version";s:4:"3059";s:13:"activatestamp";i:1347628193;s:6:"no-nag";i:1;}

table wp_bwps_lockouts and wp_bwps_log both are empty

please help.
Thank you ,
Joie

https://www.ads-software.com/extend/plugins/better-wp-security/

Viewing 3 replies - 1 through 3 (of 3 total)

Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

12 years, 2 months ago

Now I am locked out out of wp-admin

I’m pretty sure it’s a known issue.

https://www.ads-software.com/support/topic/troubleshooting-wordpress-35-master-list?replies=4

Particularly this part.

BulletProof Security – https://www.ads-software.com/extend/plugins/bulletproof-security/
Update to the latest version (.47.7) to fix issues with javascript functionality in WordPress not working correctly.
Note: You can still have this problem if you have *ever* used the BulletProof Security in the past, even if you have removed it. If you are experiencing problems with menus and widgets and the editor and similar not working, and you have ever used BulletProof Security, even if you’re not using it anymore, then look for an .htaccess file in the /wp-admin directory, and delete it if it is there.

Look in your wp-admin directory. If you see a .htaccess file there then delete it. You may need to enable “View hidden files” to find it.
Thread Starter joietan
(@joietan)

12 years, 2 months ago
Thank you Jan.
I have never installed Bullet Proof Security before,

I was thinking if i can get access again if i modify the bit51_bwps options, but i dont know what to modify.

Currently under my wp-admin there is no .htaccess file

There is one .htaccess at /public_html that says
```
.htaccess
UTF-8 Unicode text
# BEGIN Better WP Security
Options -Indexes

<files .htaccess>
Order allow,deny
Deny from all
</files>

<files readme.html>
Order allow,deny
Deny from all
</files>

<files readme.txt>
Order allow,deny
Deny from all
</files>

<files install.php>
Order allow,deny
Deny from all
</files>

<files wp-config.php>
Order allow,deny
Deny from all
</files>

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]

RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]

RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(bash|git|hg|log|svn|swp|cvs) [NC,OR]
RewriteCond %{QUERY_STRING} etc/passwd [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} ftp\:  [NC,OR]
RewriteCond %{QUERY_STRING} http\:  [NC,OR]
RewriteCond %{QUERY_STRING} https\:  [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*$.*$ [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|$|$|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*("|'|<|>|\|{||).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(request|select|concat|insert|union|declare).* [NC]
RewriteCond %{QUERY_STRING} !^loggedout=true
RewriteCond %{QUERY_STRING} !^action=rp
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$
RewriteCond %{HTTP_REFERER} !^https://maps\.googleapis\.com(.*)$
RewriteRule ^(.*)$ - [F,L]

</IfModule>
# END Better WP Security

# AddHandler php5_2-wrap .php

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
```
Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

12 years, 2 months ago
Thank you Jan.
I have never installed Bullet Proof Security before,

Aaaannd that’s what happens when I read one set of words and my brain (such as it is) interprets a whole ‘nother set entirely. Sorry about that.

??

I was thinking if i can get access again if i modify the bit51_bwps options, but i dont know what to modify.

Not sure myself how to do that but the plugin author may have some links to assist you from the FAQ.

https://bit51.com/fixing-better-wp-security-lockouts/
https://bit51.com/what-is-changed-by-better-wp-security/

I don’t see in those links where it describes that but I may have missed it as my reading capabilities are sub-par at the moment…

Is there anyone who has step by step on how to disable and get me back inside my wp-admin dashboard.

Up for a little experimentation? Make sure you have backups of your files and database first. In case of a disaster they’ll be your life line.

https://codex.www.ads-software.com/WordPress_Backups
https://codex.www.ads-software.com/Backing_Up_Your_Database
https://codex.www.ads-software.com/Restoring_Your_Database_From_Backup

Make and keep safe a copy of that original .htaccess file and reduce that down to just the basics like so.
```
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
```
The via FTP or CPANEL navigate to the wp-content/plugins directory and save that better-wp-security directory somewhere save. Once that’s done delete the better-wp-security directory.

If it is BWS then hopefully that will get you back access to wp-admin. If something goes OMGWTFBBQ!! wrong then restoring your backups will put you to where you are right now.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘How To Reinstall this Plugin’ is closed to new replies.

Tags