Since the update to 4.0.2 I’m not able to login via secret word

  • Resolved Dekidex

    (@dekidex)


    8 years, 11 months ago

    Hi Guys,
    First of all I would like to say that All In One WP Security & Firewall plugin is one of the best security tools on WP and I use it for a while now on all my websites. I’m really happy with all the possible options and it real helps me to keep the bots of my sites.
    But since the update to 4.0.2 I’m not able to login using my secret word.(brute force advice option)
    I have the same problem on all my sites that use different themes.
    When I go to https://www.mysite.com/secretword I notice that captcha question remains the same and every time I tried to login I get 403 forbidden in return.
    I had this issues before but then I just remove the plugin in via FTP and reinstall with the issue resolved. But now it is not working.
    I have removed the plugin via FPT and cleared all the lines from # BEGIN All In One WP Security to then End. from the .htaccess file . I have remove the aiowps_backups just to make sure that all the old setting are gone. Also I cleared the cache.
    Then I reinstall the plugin in and I get thrown out of the site. Now my secret word is not found which is not odd as I remove the lines from .htaccess file but also wp-login.php is not to be found.
    I’m not sure what I’m missing when clearing the plugin data ? Or there is something ells going wrong.
    Any help getting your plugin to work again is appreciated .
    Thanks !

    https://www.ads-software.com/plugins/all-in-one-wp-security-and-firewall/

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Contributor wpsolutions

    (@wpsolutions)

    To completely remove the aiowps configuration you should also log into PHPMyAdmin and find the wordpress “options” table. Then look for the row which has option_name value of “aio_wp_security_configs”. Once you find this row delete it.

    Which of the brute force features did you use to rename your login page:
    – “Rename Login Page” feature?

    OR

    – “Cookie Based Brute Force Prevention” feature?

    Did you have any other brute force feature enabled such as white list?

    Thread Starter Dekidex

    (@dekidex)

    I removed the aiowps plugin via FTP
    and cleared the .htaccess file
    then removed the line aio_wp_security_configs via PHPmyadmin in the option_name . This made it possible to install AIOWPS fresh again.

    Unfortunately it does not solve the problem for me. once I active the secret word in the Burteforce prevention the same issue arrases. The requested URL /secret word was not found on this server.

    Thread Starter Dekidex

    (@dekidex)

    sorry wpsolutions our post crossed I figured in the meantime that I had missed the phpmyadim part of the removal process.
    For all my site I use – “Rename Login Page” feature?

    Plugin Contributor wpsolutions

    (@wpsolutions)

    Are you using a caching plugin? Have you tried clearing the cache?

    Thread Starter Dekidex

    (@dekidex)

    Yes , and I head cleared the cache. But once I active the Rename Login Page” feature I can’t get on to the site.

    Plugin Contributor wpsolutions

    (@wpsolutions)

    But once I active the Rename Login Page” feature I can’t get on to the site

    What do you see exactly?
    Do you at least get to the login page using your secret URL?
    Have you tried the “Cookie Based Brute Force Prevention” feature as an alternative?

    I tested the rename login feature on wp 4.4 and I saw no issues during my tests.

    Thread Starter Dekidex

    (@dekidex)

    nope I get immediately forbidden page on wp 4.4.
    note that on my other site with still older version of WP but with updated plugin to 4.0.2 I get to the login page with secret word but nothing is happening when I tray to login. captcha is not changing and I do not get an error or what so ever. But as that site is 100.000 + visitor I did not wat to play with the plugin . So it’s not WP 4.4 problem. Like I said everything was fine till update to 4.0.2.
    I really love the Rename Login Page” feature as it keeps bots of trying to logging mainly on my international site this really helped me to limit the pointless login attempts to non.
    Unfortunately cookie would work for use from home but from my office due to security reason our cookies are cleaned after every browser season so this will complicate logins. Beside it will not stop other to attempt the login which creates unnecessary server lode.

    Same here, I cant access also. But when I created a new account I was able to access it. But the old accounts still cant access.

    Plugin Contributor mbrsolution

    (@mbrsolution)

    @dekidex have you updated to version 4.0.3?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    @dekidex has your issue been resolved with the latest version?

    Plugin Contributor mbrsolution

    (@mbrsolution)

    I am marking this thread as resolved. No replies in 2 months.

    Thank you

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Since the update to 4.0.2 I’m not able to login via secret word’ is closed to new replies.