lernerconsulting

iThemes Security isn’t “re-logging the user” but rather tracking incorrect login attempts, and 404 File Not Found errors, and other “bad behavior by a visitor” to block hackers.

This has nothing to do with the Domain Mapping plugin, and should be marked resolved. (I and others have reported this in the iThemes Security plugin support area.)

Stacy, try my installation instructions:
https://lcblog.lernerconsult.com/2012-wordpress-3-multi-site-domain-mapping/

No, you can Not map site 1. WordPress needs site 1 at a known location to work. You map other sites to a domain name. (You can change the domain WordPress is installed on, but that is not what this plugin does.)

Is the mapping showing on the Sites page, under the Mapping column?
/wp-admin/network/sites.php
That is one simple way to tell if the mapping is valid.

How did you get the site ID that you are mapping? You have to use the actual ID of a site.

https://lcblog.lernerconsult.com/2012-wordpress-3-multi-site-domain-mapping/

@happymix: The problem is rewrite.php reported some error, not iThemes Security or your Google Maps plugin.

Check your server error log, or try what I wrote on Debugging WordPress Problems
(how to show detailed error messages to only the IP addresses you specify, nobody else)

Or have your hosting company, or someone from your local WordPress Meetup look at it, or you can contact me.

You can’t fix this without knowing what the actual error message is.

But your iThemes Security problem is fixed, so mark this resolved.

Simply using INSERT instead of INSERT … ON DUPLICATE KEY UPDATE syntax. Very likely no affect on the plugin working. Minor programming sloppiness.

“table does indeed contain a large number of duplicated rows” — Check again, the Primary Key can never be duplicate, MySQL blocks duplicates; the error message you got is MySQL reporting it is preventing inserting a record that would cause a duplicate primary key.

dwinden, I have been using iThemes security without problem on several multi-site installations.

Many of the problems that query you posted finds, are from two users who complain repeatedly. I won’t take their griping as a reason to not use this plugin. You shouldn’t either.

The error I posted is Very Minor. I run my site with maximum error reporting for my development and troubleshooting needs, or I wouldn’t see it.

The error is from common programming practice of making a MySQL Insert command without first checking if the record exists. Simply using INSERT instead of INSERT … ON DUPLICATE KEY UPDATE syntax. Very likely no affect on the plugin working. Minor programming sloppiness.

The only problem is this very minor error adds entries to the error log file, on the relatively rare sites that have detailed error reporting on.

You might find some good ideas how the site got hacked, and what to do beyond having iThemes Security in place, from https://computerhelp.glerner.com/2015-wordpress-security-without-technical-knowledge/

Lindaped, get your site thoroughly checked for hacker code. It is highly unlikely that name change is all they did.

Have your host backup everything, and label the backup so you know it is “likely hacked”. You need to have the backup so repairs can go ahead.

https://premium.wpmudev.org/blog/cleaning-up-after-wordpress-hack/ is good; and you should get the idea reading it that cleaning up after your site is hacked isn’t something you want to take on yourself.

Have a hacked-site recovery professional examine your files and database. Your local WordPress Meetup may have people. Or have Sucuri handle it, they are experts.

Consider whether it would be better to get your site repaired, or to restore from an earlier backup, and how early you need to go to be fairly certain that backup was before the hack (you’ll need to have some file dates, log entries, etc, to know when the hack happened; don’t just go on “I never noticed anything until ___ date”, hacks often happen in stages.

p.s. Google “ZeroCool hacked//TURKHACKTEAM” and see how many other sites have it…

In Security, Settings
/wp-admin/admin.php?page=toplevel_page_itsec_settings
(or /wp-admin/network/admin.php?page=toplevel_page_itsec_settings on Multi-Site)

Filter Suspicious Query Strings in the URL
and/or
Filter Non-English Characters

What are you trying to do?
(Normally, you wouldn’t need to know unless you were a coder or hacker…)

supawiz6991: I have Every user displaying the nickname, and my ?author=1 does redirect to the nickname, not the login name. And, I’m going to add your .htaccess code, nobody should ever ask by author id (clicking the Author link on a post will still work, it has the nickname in the URL).

The image is too small to show the error.
Highlight the error text and copy/paste. (Highlight from below the error text to the top-left corner, some of the error text is probably behind the layout.)

Or, check your site error_log for errors.
This will put more errors into the error log, but only for the IP address(es) you specify:
https://computerhelp.glerner.com/2014-debugging-wordpress-problems-for-only-you/

No way to tell whether HackRepair blacklist is blocking something, or it is some other problem, without knowing what the exact error message is.

harasse:

You have to enable /wp-admin/admin.php?page=backwpupsettings

backWPup running a job calls /wp-admin/admin.php (or /wp-admin/network/admin.php on Multi-Site ). ‘admin’ is commonly blocked.

Check your .htaccess file to see what strings are being blocked.

(I have iThemes Security and BackWPup both working; but I’ve customized my .htaccess to tell me what got blocked and why, so I don’t know what specifically is being blocked for you.)

Drauth:

Check the .htaccess file, and see if there is any string of characters that matches the URL or Query String of the http call made; or of the data that the other site returns.

If the included file tries to get data that is suspicious, iThemes Security will Block It.

I can’t debug it from the little you’ve shown, and it’s too complex to teach here. If you want, I can probably troubleshoot it for you. glerner.com/contact.php

White screen does not mean “iThemes Security took your site down” (especially after uninstalling the plugin).

It means there is a PHP error ***Somewhere***.

Have technical support (your hosting provider, or your site administrator, not iThemes) check your site error logs.

This may help finding the actual problem:
https://computerhelp.glerner.com/2014-debugging-wordpress-problems-for-only-you/

White screen except “error” also doesn’t mean it’s iThemes Security that doesn’t work. It could be the URL or Query String have words that are being blocked; it could be your login name is being blocked (too many login attempts by hackers); it could be other things.

The plugin help page has how to check for login lockouts.