Error on your picture :)

Same here! I had to put the redminus.png url in the whitelist…

I think this issue happens to people who have wp installation inside a folder (es. wordpress) like me. The plugin panel goes looking for that image in “/wp-content/plugins/better-wp-security/modules/free/file-change/images/redminus.png” instead of lookin for it in “/wordpress/wp-content/plugins/better-wp-security/modules/free/file-change/images/redminus.png”.
In the file “class-itsec-file-change-admin.php” I found that the variable $path is used to generate the url of that image.

Cheers.

I’ve got the same thing)

Solved…. ??
@rezal72 Spot on…
Solution
I downloaded the PRO version from Ithemes and installed that one..
The error was fixed the next day with an update!

Another issues was that all my pictures path to itself showed up as “broken links” … But the update fixed that one.

Another issues was that I use BAN users in the free version and my IP list is LONG!! But I had to delete the entire list to get everything working and not locking my self out! And my “Domain watcher” from US was reporting SERVER DOWN … So every bad hacker and login attempt has got an undeserved second chance!!

Netz, you should add your IP to the Lockout White List!

Hi!
Thanks
I did… and my host! and my domain… etc.
But my IP is dynamic ??

That is definitely NOT a solution! ??

Here is the solution:

in the file better-wp-security/core/class-itsec-lib.php

in the function (see the line in bold):

public static function get_module_path( $file, $with_sub = false ) {
$directory = dirname( $file );
$path_info = parse_url( get_bloginfo( ‘url’ ) );
$path = trailingslashit( ‘/’ . ltrim( str_replace( ‘\\’, ‘/’, str_replace( rtrim( ABSPATH, ‘\\\/’ ), ”, $directory ) ), ‘\\\/’ ) );
if ( $with_sub === true && isset( $path_info[‘path’] ) ) {
$path = $path_info[‘path’] . $path;
}
return $path;
}

has to become:
$path_info = parse_url( get_bloginfo( ‘wpurl’ ) );

in this way the plugins get the correct url to the REAL wordpress folder (this happens when someone installs wp inside a custom folder, like me).

Cheers

Hey All,

Thanks for the information! Could you please share what versions you’re using? If you’re not running the latest version of 4.0.21, could you update and let me know if that helps?

Thanks,

Gerroald

Hello Gerroald!
Bad luck! ?? i’ve intalled the latest version today before writing the solution tweak. The issue is still present in v. 4.0.21
Thanks for replying

PS Wonderful plugin!

Yes, I confirm. The issue is still present in 4.0.21.

Update:

version 4.0.23: issue still present.

Please, fix this error!) It is still present in version 4.0.25.

Blazer,

We’ve tested this with a subdirectory and root install and well as multi-site with subdirectories, subdomains and domain mapping none of which have seen the problem after about 4.0.7. Can you please email us on our contact form so we might be better able to reproduce what you are seeing?

iThemes,

I can’t find your contact form. Or should I open new thread on your support forum?
I’ve got single-site with subdirectory installation. I’m using 4.0.25 now and if I open “Settings” tab in iThemes Security plugin, I always get 404 error:
/sub-dir/plugins/better-wp-security/modules/free/file-change/images/redminus.png
redminus.png is present in ../free/file-change/images/.
But I think correct path should be:
/installation_dir/sub-dir/plugins/better-wp-security/modules/free/file-change/images/redminus.png

I am being locked out even while whitelisting my I.P. address. How do I get back into my own sites after being locked out without removing the plugin. Because I can’t reinstall the plugin without being locked out again and the error I’m being locked out for is not of my creation but of the theme developers.

Forget it. I found the write up on accessing the database and deleting my I.P. there.

Latest update Version 4.0.27: Can’t update CSS code, save anything, enter i.p. addresses for white listing, build a product, edit a form. I can’t do anything without getting locked out. Checked the log file, which hit 195mb inside of a few seconds, and everything (every plugin and the theme) is being nailed as an Error or 404.

(following day) After a week plus of nonsense on both existing sites and new ones I have opted to remove iThemes plugin due to so many errors and lockouts. Going back to BWPS 3.6.6. and my old security set up because it worked flawlessly and it was free to boot.

Hi,
I have the same issue on WP 3.9, iThemes Security 4.1.5.
I have bloginfo( ‘wpurl’ ) different than bloginfo( ‘wpurl’ ) since WP is installed in a subfolder.

in Logs ? 404 errors found I’m always getting:
“/wp-content/plugins/better-wp-security/modules/free/file-change/images/redminus.png”

Could this be fixed?
Regards
Davide