GunnyRet

@reshm, Please see above. It looks like you also updated to 1.9 about 8 months ago and resolved this issue. I also have 1.9, but the issue persists. Any ideas how to resolve?

I apologize, Phil. Oct/Nov are extremely challenging times for my business and the veteran non-profits I serve. I have not had an opportunity to test your suggestions.

I truly appreciate your efforts, and promise I will get to this! Lately, I haven’t had an significant issues.

@wfphil,
Thank you for your response.I have site user registration activated for the site, primarily for job seekers.

I manually approve each user (currently very manageable) because I have had fake accounts get through without this feature in place.

After a counseling session with a Veteran, I instruct them how to create a profile. Then, it’s a pretty simple process of activating their account once they register.

I wish I could afford all the bells and whistles, but I don’t charge Veterans fees for my job search coaching. So, for now, I find myself needing both plugins.

Thank you again for the reply.

Ironically, I’m heading to an Information Security Summit in Cleveland today to help connect Veterans to the plethora of opportunities in this field.

I hope I answered your question.

Oorah!

Gunny

Greetings @mbrsolution!
I just saw an email this morning with this subject: “127.0.0.1 Redirect on all pages”

I followed all the steps you suggested in this thread, and I have FINALLY resolved my issues. I’m very excited to start using AIOWPS again.

I could not find the thread to link my response for “127.0.0.1 Redirect on all pages”.

Ok. I installed the reset plugin. After activating it, I click on “reset” and get the following error.
“Sorry, you are not allowed to access this page.”
I did this without AIOWPS installed.

I tried installing AIOWPS plugin, and as soon as I activate it, I get the 127.01.1 (something like that) error.

@mbrsolution, Thank you for the suggested documentation. I successfully deactivated the AIOWPS, and Wordfence plugins through cPanel.

I tried to access the settings link for the AIOWPS Reset Settings plugin after installing it, and received a message telling me, “Sorry, you are not allowed to access this page.”

Are there instructions to know which file(s)e.g., wp-config/.htaccess} are necessary to import from another site I manage where AIOWPS and Wordfence happily commingle?

Thank you!

Forgive me support forum for it has been MONTHS since I last posted on this topic.

1. I took a break from this thinking it would help me see things more clearly.
2. I have been inundated with other business.

How can I export the settings from another site that is working fine with both AIOWPS and WORDFENCE simultaneously, and then import the AIOWPS settings into the troublesome site in cPanel?
The troublesome site only fails when I activate AIOWPS. I’ve deleted the .htaccess file and re-saved permalinks to no avail.

Thank you!

Thanks for the reply.

• This reply was modified 6 years, 3 months ago by GunnyRet.

I hope you will reconsider those plans. It’s quite helpful in monitoring others you’ve provided temporary admin access to your site, when they are trying to help resolve plugin errors. I am also able to see where attacks are predominantly originating; assuming those I.P. addresses are not faked.
Thank you for your response.

@patsky, Thank you for your suggestion and testing of your proposed solution/work-around.
I may have to move to a new events management plugin as well. I was hopeful that your work-around would work, but this is sad news. It appears from this layman, that this would be a simple fix given all the other development they’ve done.
I tried looking in the documentation, and didn’t see anything there.

Jackie,

Thank you for the kind assistance. I run 4 other sites and have them all set up in general settings as: https://site.org or .com. Although, I am still learning WP. I think part of my problem was that I had multiple copies of the .htacess file with different names adaptations that were causing the highly unusual behaviors. Something you said made me think to go delete all instances and reset the permalink structure. I have been so absorbed with this I forgot this simple fix.

I recently received some guidance from GoDaddy on redirecting to the SSL site. I will try to inject that Rx into the .htacess file. I can see what you mean about others “instinctively entering “…www.neovets.org. That makes sense. I truly appreciate your help.

I have multiple sites in GoDaddy cPanel, but NOT in a multisite WordPress setup.
Here is the updated .htaccess file code. https://gunnyret.com is my primary account where the UCC SSL resides. It covers my five websites. I have added these characters above and below the .htaccess file to help separate it from the rest of this dialogue. “///”

////////////////////////////////////////////////////////////////////
# BEGIN GD-SSL
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_USER_AGENT} ^(.+)$
RewriteCond %{SERVER_NAME} ^gunnyret\.com$ [OR]
RewriteCond %{SERVER_NAME} ^www\.gunnyret\.com$
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Header add Strict-Transport-Security “max-age=300”
</IfModule>
# END GD-SSL
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
///////////////////////////////////////////////////////////////////

I’ll be reaching out to a few of my customers and asking them to text their login access pending your reply.

Thanks for the kind words about ONE of my projects. If you’d like to connect outside of this forum, please find me here: LinkedIn

Sincerely,
Gunny

@abletec (Jackie),

Sorry for my slow reply. I was on the road most of the day today.
I maintain all my sites separately; not multi-site.

I noticed the redirect link appearance you cited too. I have (or, rather had) these various relative plugins in each of my sites:
Really Simple SSL
Wordfence
All In One WordPress Security

There are other plugins of course. I have GoDaddy and cPanel, and have gone into each domain and deactivated some or all of the plugins. I’ve tried to delete and “refresh” the .htaccess file through the permalinks. But, all these issues persist.

I went into the root folder for this specific site https://neovets.org, and deleted all .htaccess files. I had renamed, and had a few different copies.

I updated the permalink structure and have coped/pasted the current .htaccess file below
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Please let me know what you encounter now.

Thank you again for your help.

Gunny

My faithful friend @wpsolutions, I must apologize for my last post. I totally neglected to mention that after I tried your suggested work-arounds, and still seeing errors, I deleted the plugin altogether.

Even with the plugin removed, I’m still seeing this highly unusual behavior. And, so are my clients.

I’m going to try copy/pasting my last thread into a new www.ads-software.com support forum and see if anyone can possibly help me identify the cause of my issue.

I’m not going to close this out right now. I’ll circle back and let you know if/when the issue has been identified and resolved.

Thanks again for all your diligence!

Sorry for my slow response, @wpsolutions. I tried following your last suggestion by removing the .htaccess and updating permalinks. That still didn’t work.

During a visit to my client’s office, I tried to mimic her complaint that she couldn’t login. We say a redirected too many times error screen on using the “…wp-login.php”.

I entered the address with no login command, https://website.org and I was immediately taken to my dashboard and I was logged-in. Next, I tried “…wp-admin and got the same thing. I was logged into the dashboard. This is very troubling.

I’m currently on my hotspot and cannot access the login page, and tried the steps just described to no avail. Again, I can successfully login to all 5 of my websites when I’m on my home WiFi. I’ve dismissed simply clearing cookies and cache, because my customer’s IT folks did that too and it didn’t help.

I’ve tried to disable all plugins, or just those that have anything to do with security, or buddypress, and still coming up with nothing. I really hate to pay GoDaddy to fix this!

Any final clues?

@wpsolutions, I just checked for that table in PHPMyAdmin, and didn’t see my I.P. address blocked. I believe I have/had my I.P. address whitelisted as well.