No security status visible

  • For no apparent reason whatsoever this UNRESOLVED topic’s status was set to closed.

    It was not only set to closed but it was CENSORED as well since my last post, in which I shared some information which was disclosed to me by a newsletter email received from iThemes, was REMOVED from the topic.

    The topic is mainly about the Security Status feature being removed in the 5.2.0 (or higher) release.

    But there is a second issue described in the same topic that is simply ignored by iThemes. This second issue can have serious consequences for any website owner who downloads/installs/activates the iTSec plugin and thinks clicking on a One-Click Secure button will secure their site. In reality the One-Click Secure button does nothing !
    iThemes knowingly removed all code behind the One-Click Secure button as of the 5.2.0 release. The “One-Click Secure” button should have been removed as well …

    I don’t know who closed the original topic (I can only guess), but I think iThemes deserves a chance to properly respond to this topic. To make sure it is not going to be closed (or censored) again I’ve added a modlook tag to this topic.

    My second post to this topic will include the information from the iThemes newsletter email as last posted in the censored (and closed) topic. It contains information which is relevant for the removed Security Status feature issue.

    dwinden

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 10 replies - 1 through 10 (of 10 total)
  • Thread Starter dwinden

    (@dwinden)

    Sneak Peek: 2 Big iThemes Security & Sync Updates Coming Very Soon

    1. A Brand New Dashboard for iThemes Security Pro

    The best WP security plugin is getting even better. The new dashboard for iThemes Security Pro is going to make it faster and easier for you to secure all your WP sites. As you can see, the new dashboard puts all the vital security modules right at your fingertips plus a new “recommended” section.

    iThemes Security New Dashboard screenshot

    2. iThemes Sync Reporting for BackupBuddy (and Soon for iThemes Security)

    For anyone interested in the complete newsletter email, send an email to [ redacted, support is not offered via email, Skype, IM etc. only in the forums ] and I’ll forward the newsletter to you.

    dwinden

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    This is what a really good manager of mine used to tell me and others.

    Concisely, in 25 words or less, what is your question?

    What is your question to iThemes? Are you asking about the specific Security Status dashboard?

    These forums are not social or product commentaries, they’re support forums.

    There are a few other places such and Reddit’s WordPress section and FB’s AWP area where you can opine on their product. I’ve only briefly looked but they do have a blog and that may be the best place to pose this topic.

    https://ithemes.com/category/wordpress-security/

    Also please do not post your email in these forums. Those will be redacted when found. Except for plugin and theme authors posting that for support in their own forums, no one should be posting their email address here.

    Edit:     If someone wants the iThemes newsletter then they can sign up for their own copy.

    Thread Starter dwinden

    (@dwinden)

    @jan Dembowski

    You didn’t disappoint me. Exactly the biased response I expected from you.
    It says somewhere in the Forum Welcome: “Our moderators are smart”.

    Do some proper reading and figure it out. It’s all there.
    You’re right about the email though …

    dwinden

    @dwinden

    Speaking of doing proper reading, perhaps you should read the forum welcome page in the codex, specifically this section about things to *not* do. It’s silly to criticize mods when you’re the one not following the rules.

    https://codex.www.ads-software.com/Forum_Welcome#The_Bad_Stuff

    Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    @dwinden? Please don’t add the modlook tag to this topic. When a moderator decides that there is nothing to moderate, this tag is removed from the topic. So, please stop adding it back in.

    Thread Starter dwinden

    (@dwinden)

    @ryan Duff

    You totally misinterpreted my post…haha
    Dont worry I don’t blame you.

    Anyway I trust WordPress when they say their moderators are smart.
    So instead of insulting their intelligence by overexplaining I expect them to be able to figure things out. That is if a moderator takes the time to read things properly …

    Oh, and I have read the Forum Welcome, thank you.

    Eargerly waiting for a response that is actually about the issue I opened this topic for.
    Now where did I read that in the Forum Welcome …

    dwinden

    Thread Starter dwinden

    (@dwinden)

    @andrew Nevins

    Is that documented anywhere ?

    If so I apologize for any inconvenience I caused ??

    dwinden

    @dwinden,

    The latest release has pushed changes paving the way for a new UI and other tools being integrated into iThemes Security. Some of the One Click functionality was removed as we restructure the code base for a better method of orienting users to recommended settings.

    No necessary features or functions have been removed from the plugin, as the One Click button was only ever intended to be a tool for helping to speed up the configuration of the settings known to have few conflicts on the vast majority of sites.

    We have plans for a much more robust system that will speed up and simplify the settings configuration process even more. I don’t have an exact release date, but the final rollout of the new UI with a focus on making setup easy is, and has been, a top development priority.

    Thanks,

    Gerroald

    Thread Starter dwinden

    (@dwinden)

    @gerroald

    Thank you for finally responding to the One-Click Secure issue.
    Any idea what happened to the other topic ?

    … as the One Click button was only ever intended to be a tool for helping to speed up the configuration of the settings known to have few conflicts on the vast majority of sites

    Let’s focus for a moment on the part from your reaction highlighted above.

    I would agree with that statement IF display of the Important First Steps modal box was optional.
    However it is not. A first time user of the plugin will ALWAYS be presented with the Important First Steps modal box.
    Even though they do initially get an option, when dismissed, the user is automatically confronted with the Important First Steps modal box upon ANY subsequent action. Note I’m specifically describing the scenario, right after plugin install\activation.

    So since iThemes calls this modal box Important First Steps it is safe to assume that there is a high probability that first time users simply follow the recommendations … and finally click on the One-Click Secure button.

    It then reports:

    Site Secured. Check the Dashboard for further suggestions on securing your site.

    “Site Secured” ? Huh ! Since the code behind the One-Click Secure button is removed, not a single setting is being changed… NOTHING has been secured ! Now what is a One-Click Secure button doing on a modal box named Important First Steps when clicking that button does ab-so-lu-te-ly NOTHING to secure your site ?

    “Check the Dashboard for further suggestions on securing your site.” ! Huh ! Since the Security Status feature has been removed from the Dashboard there is NOTHING to check !

    So common sense tells me first time users will be confused or at least mislead …
    Something that can simply be prevented by REMOVING the One-Click Secure button from the Important First Steps modal box …

    It’s a pity that the GA data tracking feature does not track how often the One-Click Secure button is being clicked upon. But I’m pretty sure it’s being clicked upon a LOT …

    I also noticed that one of the features which would normally be enabled by the One-Click Secure button is Brute Force Protection.
    Which I think is a pretty important feature …

    Please reconsider, for now I rest my case.

    Anyone reading this topic and who agrees with my findings please add a

    @dwinden +1

    post to this topic.

    The other topic had already received 2 of such posts (including a third yesterday in the form of only an email notification since the topic’s status was set to closed).

    dwinden

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Anyone reading this topic and who agrees with my findings please add a

    No, really don’t do that. That will get this topic closed again.

    Here’s why: Once again, these are support forums. These are not product commentary forums or public opinion forums.

    @dwinden If you want to opine on this topic then feel free to do so on your own blog. These forums are not your soapbox and yes, that’s what most of us have blogs for.

    If someone has problem with this plugin then they are asked per the forum welcome to please post their own topic. They can do that via this link.

    https://www.ads-software.com/support/plugin/better-wp-security#postform

    If they want to use this topic as a public opinion place then that’s not what these forums are for. This topic will get closed with a note.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘No security status visible’ is closed to new replies.