'Session Expried'

  • Checking to make certain the pop up dialog ‘Session Expired you must log in again’. is actually a feature of the latest version of iThemes.

    The pop has the WordPress log and user and password fields, it would certainly serve as a good ruse for the criminals, haven’t heard anything related to that being a new feature of iThemes.

    A ‘time out’ would not be unusual in a password controlled area, but in this case I’m not certain what purpose it is to serve.

    This morning I got the dialog, I have also gotten in on another one of my sites. My password was saved, however the pop-up had no stored information. I did re-log, got back in then it popped up again, went through the procedure and immediately saved my work, which led me to a log in screen in a full window. Signed back into that and was locket out.

    Wondering where are we with this and what is the work around

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter terrace_29

    (@terrace_29)

    Hmm, no replies…. I’ll just assume others are not experiencing it, it certainly points towards potential Malware as well, but it’s hard to gauge given I’m not certain what’s going on with this script.

    Hey Terrace_29,

    This is not an error nor feature from iThemes Security. I did do a quick search and it turned up these .org results with suggestions.

    Session Expired you must log in again

    Thanks,

    Gerroald

    Thread Starter terrace_29

    (@terrace_29)

    Thanks for getting back, this was an issue that occurred on about 2-3 instances, however the last two days I’ve had no problems. I had been getting slammed over the course of the last week or so with brute force attacks, the bots harvested my usernames and were banging those.

    The interesting thing was the ‘expired log-in’ was in the form of a pop up, the username and pass did not auto fill, I do have it saved in the browser and the wordpress data as well. This led me to suspect two things, perhaps my usernames were getting banged while I was inside the site, or it was a sophisticated malware or script re-direct. The criminals are famous for trying to run scripts off of certain files which you well know.

    Thanks again for your reply, it is reassuring to know that it is not something implemented into your script, it didn’t make sense that you would have that feature and I appreciate you confirming that.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘'Session Expried'’ is closed to new replies.