Alysha777

Yes, when I first set it up I was able to put 2 different iFrames on 2 different pages on my site. Then they just stopped working and turned white. What went wrong? I didn’t add any Javascript.

I did add a security plugin that locked me out of my site and it took me 2 days to back it out and delete it. But the iFrames survived that. I am not sure what happened?

Alysha

OK. I edited it again and went in this time and deactivated it and deleted it. Now everything is back to what it was before I installed it which is great! At this point I think I will look elsewhere for security. I am glad that it works for others but it did not work for me. I was disappointed as I did like the idea of many of the features. It sounded like it would be a great answer for security. Perhaps, due to the fact that it was just updated the day I installed it, it needs a bit more work.

Thank you for your help in backing me out of this!

Alysha

Anyway, back to mbrsolution,

Although I deleted the lines in the .htaccess file that you instructed, I just checked it again and it seems they are back in there. Perhaps it did not save on the server? Or is there a code in the plugin to keep rewriting the new .htaccess to it’s new “secure” version? I am going to attempt to delete and save it again and see if this is repeated.

Thank you,

Alysha777

Sorry I thought I was NOT suppose to start a new post until I had read all the other posts on the subject to see if I could get help from them. Posting in someone else’s post was what I was attempting to do – not start a new post. I also see other people posting when they are having the same problem.

Alysha777

I don’t know why you can’t find my posts. They are all under Alysha777 and are on at least 3 different forums. I see that many people are having the same problems I am having so it is not just me.

I just edited the .htaccess file according to your instructions but it did not work. I was still not allowed into my site. Then after about 20 minutes I was able to enter using the old standard URL https://www.mysite.com/wp-Admin. But it only worked for a short time. I should have used that opportunity to deactivate this mess. But I was going through the steps again to see what was checked and see if something should be unchecked. However, shortly after this – while still checking out the settings in this plugin, I was suddenly redirected to the 127.0.0.1 – Yahoo search page again. Now it will not let me in at all. There MUST be something really wrong in the database because this redirect was removed from the .htaccess.

I have NEVER had so much trouble with a computer issue – and I used to run an Apache Web Server for NASA. This is unnecessary MADNESS.

I have already wasted way too much time on this.

THIS IS A BAD PLUGIN THAT NEEDS TO BE REWRITTEN.

Alysha777

Oh well, no replies. I reinstalled WordPress and started all over!

Thank you for your prompt reply and understanding!

Alysha

I am also locked out of my Dashboard. I can login to my site but as soon as I try to access my Dashboard it redirects me to a Yahoo search page from 127.0.0.1 (as it said it would to unauthorized users). But I never get the WordPress Login page. I use the name of my site with the word that replaces Admin in the URL and it puts me right into my site without any password.

I read that this is because of the change to my .htaccess file. Here is is. Can anyone tell me what to change/delete?

# BEGIN All In One WP Security
#AIOWPS_BLOCK_WP_FILE_ACCESS_START
<Files license.txt>
order allow,deny
deny from all
</files>
<Files wp-config-sample.php>
order allow,deny
deny from all
</Files>
<Files readme.html>
order allow,deny
deny from all
</Files>
#AIOWPS_BLOCK_WP_FILE_ACCESS_END
#AIOWPS_BASIC_HTACCESS_RULES_START
<Files .htaccess>
order allow,deny
deny from all
</Files>
ServerSignature Off
LimitRequestBody 10240000
<Files wp-config.php>
order allow,deny
deny from all
</Files>
#AIOWPS_BASIC_HTACCESS_RULES_END
#AIOWPS_ENABLE_BRUTE_FORCE_PREVENTION_START
RewriteEngine On
RewriteCond %{REQUEST_URI} (wp-admin|wp-login)
RewriteCond %{HTTP_COOKIE} !xxxxxxxx= [NC]
RewriteCond %{HTTP_COOKIE} !aiowps_cookie_test_czu0j1zbpj= [NC]
RewriteRule .* https://127.0.0.1 [L]
#AIOWPS_ENABLE_BRUTE_FORCE_PREVENTION_END
#AIOWPS_BLOCK_SPAMBOTS_START
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} ^(.*)?wp-comments-post\.php(.*)$
RewriteCond %{HTTP_REFERER} !^http(s)?://(.*)?\.mysite\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule .* https://127.0.0.1 [L]
</IfModule>
#AIOWPS_BLOCK_SPAMBOTS_END
# END All In One WP Security

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

I changed the security pieces here that are actually available to everyone otherwise.

Please help.

Thanks,

Aly