terrace_29

Still haven’t figured it out yet, I tried turning off the plugins on these particular site, as well as optimizing ahead of the back up then using that file.

Any thoughts?

Thanks for the reply Ross, yes I’m certain the info is correct, but I did notice the wp_. The other thing that strikes me as odd, statpress is a plug-in I don’t use, not certain why it is showing up.

I will look back into those issues you’ve mentioned, thanks.

I still received those on a more limited basis now, but I don’t see where it’s in anyway malicious or problematic to the operation of the rest of the script.

This file is generated by the security script, I’m not familiar with your particular script, but if I were you and it was causing problems with a migration, I would simply save the file as is on your HD, then delete it from it’s location.

Okay, I see you can’t find it. Another option is to disable your sec script during your moving, then reactivate after you’ve landed on your new server.

The fact there was no activity on this thread also tells me it’s a normal function of the script, I’ve had no issues over the past year with it. Good luck and let us know how it works out

Reinstalled WordPress, now back to the whole site being out with ‘Error Establing DB Connection’.

Should I do another import of the DB? Would it overwrite the existing files or is that a bad idea?

Thanks for getting back, this was an issue that occurred on about 2-3 instances, however the last two days I’ve had no problems. I had been getting slammed over the course of the last week or so with brute force attacks, the bots harvested my usernames and were banging those.

The interesting thing was the ‘expired log-in’ was in the form of a pop up, the username and pass did not auto fill, I do have it saved in the browser and the wordpress data as well. This led me to suspect two things, perhaps my usernames were getting banged while I was inside the site, or it was a sophisticated malware or script re-direct. The criminals are famous for trying to run scripts off of certain files which you well know.

Thanks again for your reply, it is reassuring to know that it is not something implemented into your script, it didn’t make sense that you would have that feature and I appreciate you confirming that.

Hmm, no replies…. I’ll just assume others are not experiencing it, it certainly points towards potential Malware as well, but it’s hard to gauge given I’m not certain what’s going on with this script.

I always have two Admin user names across all my sites, you were wise to set up a new one, you can always use a different username to write posts with even though you are logged in with a different username.

I’m getting slammed on one of my sites where they’re hitting both usernames, I’m quickly going to opt for setting up a third user or just switch plugins.

Again, one ideal solution would be to set up a captcha or second ID code, there’s no reason the owner needs to be constantly locked out.

I am constantly receiving emails, approx 50-75 per day saying I am being denied access for too many bad login attempts. Me, the admin. I can still log in because I had white listed my IP – but what is going on? I have no idea how to diagnose the problem.

The bots are scanning the usernames, culling them from the posts.

The expiration feature is counter productive in my opinion, having to log back in and being locked out is even more annoying and time consuming.

One cure would be to add a capcha in the login screen, or a second security or password code. Rather than simply blocking the usernames, ’cause that ain’t working.

Each time I locked out I have to flush the itsec files in phpadmin, then delete the history and cookies and sometimes flush the dns.

It’s a lot of work just to get into your own site. Given that this script is updated every other day, I don’t understand why the writers aren’t addressing this.

I also find the ‘timeout’ to be counter productive, if I go to work on something else, come back and timed out log in screen is there I have to log back in, by then I’m locked out to the the constant attacks.

The bots are using the usernames now and not simply ‘admin’, is there any workarounds for these issues? I’m spending more time unlocking myself than I am working.

I’ve got to tell you, this plugin is becoming more hassle than it’s worth. I can appreciate tight security, but for some reason, and even though the plugin is updated like every other day, it’s so tight it’s getting too difficult just to work my sites.

Getting lock out notifications through e-mail even though I’m not being locked out. White listing where I can, but why is the system sending me lock out notifications that aren’t happening?

The whole permission issue when trying to upload the ‘featured image’ would have me pulling my hair out if I had any hair left to pull out, instead I”m banging my head against the wall. I change the permissions, still can’t upload the ‘feature image’, so frustrating and a big time time waster.

There other security plugins available, I’m one frustrating encounter away from deleting ‘iThemes Security’ from all my sites and getting on with my life in a less stress filled environment.

Are the authors taking into account the issues related to this script, are any actions being taken to have a plugin that works for us and not against us?

Thanks Lomars, I’ll give it a try

I’m not seeing an option to ‘delete’ the three ‘itsec’ table, the drop down only has several options ’empty’ seems to be the only choice.

How to delete those tables?

Getting these frequently, showing up as a result of my security plug-in. Today was ‘file added’ deleteme.wp5yvq.php… ‘file deleted’ deleteme.wp369e.php…

I’m quite certain they’re are harmless and system generated, but would appreciate any input

Hi bcworkz,

Thanks for your prompt reply, the issue wasn’t the slider image, but the post widgets. I checked the permissions for the directory first thing when I had the issue, however I didn’t select the correct ones as you said, they vary from server to server.

I’ve worked it out and again, thanks for your reply.

Thank you for the prompt reply, I’m assuming you mean the theme support for the new theme?

I’m also suspecting that re-install the widgets and such may be an option as well.