Better WP Security is officially iThemes Security

Well, I did get into my website.

I do like how my whitelist of IP addresses is empty. That’s a new change that I can really appreciate. After all, by whitelisting my IP address, I’ll never get to see that exciting error lockout page.

What is even better about Better iThemes WP Security WhateverItsCalledNow is that even when you DO put those IP numbers back in, it’ll only save the first line. So when I put in two IP addresses only the first on is saved. I thought it was particularly smart of me to put in my other IP address first; that way I can see the error lockout page again. I am kind of disappointed that – after putting my other IP address in – I only get to see the website like it’s supposed to be. How it looked before this update was installed.

So, having cleared up this round of iThemes Better Security questionable programming changes, I’m looking forward to what comes next. I continue to scroll through my settings to find out how to clear errors. It doesn’t look like there is any way to do that – like there was on the old (working) Better WP Security.

I have just gone in ad checked my website from my iPhone. It’s showing a Forbidden page…

Thanks, really, for this latest update. I really, really, really appreciate it.

@billfry Thanks. The contact form is best ??

@chriswiegman – Will this new version stop screwing with my .htaccess file and randomly giving me 500 Internal server errors?

I really liked the plugin until I realized it was the cause of sites randomly crashing. There isn’t a plugin that does everything this one does – i just wish it didn’t give me such headaches.

Warning: strpos(): Empty needle in /wp-content/plugins/better-wp-security/lib/icon-fonts/init.php on line 20

Warning: strpos(): Empty needle in /wp-content/plugins/better-wp-security/lib/icon-fonts/init.php on line 29

That’s some errors in administration panel which I have after updating your plugin. Installing it as new does not change anything.

I’ve looked into the code of your plugin and I see that in file lib/icon-fonts/init.php you’re getting the ABSPATH and then you’re trimming it by removing the “/” characters. However, because I have the website in the main directory, I have the ABSPATH = “/”. So, when you remove this character and then you make a “strpos()” with this as the second parameter, the “strpos()” function will show errors which I describe at the beginning of this post.

Can you correct this bug? Because – for now – your plugin cannot be used and I’m forced to stay with the older version.

Sad to see this plug-in go into the crapper. Being picked up by iThemes looks like it is going to be the death of it.

It is obvious that heavy emphasis has been placed on changing the look of the plug-in and zero emphasis on fixing old bugs, while create a whole host of new ones. New releases every day that seem to be poorly tested, if at all.

I highly recommend everyone go back to the 3.6.3 release until iThemes gets their act together…if ever…

https://github.com/ithemes/iThemes-Security/releases/tag/3.6.3

I agree. For now I have the last 3.x.x version and I’m waiting for stable version, because current 4.x.x is not stable enough.

Well…. You definitely screwed up my day with this update. I just wish you would’ve cautioned users a bit BETTER before you made the update. Saying that all you needed to do was reactivating was an understatement. i wasted a day, and I’m still locked out from my dashboard now.

I am locked out of my dashboard as well. This update is an epic fail. Second time one of these “patches” has shut me out of my own site.

Ended up having to rename the plugin directory from FTP. Uninstall the plugin. Reinstall the plugin and reconfigure many of my security settings.

Very frustrating, I have now deleted the iThemes Security plugin and installed “All In One WP Security & Firewall v3.7.1”.

So far all is good, site access speed is faster and features are similar, some are better and less prone to errors relating to being locked out of your admin.

Why would you abandon one of the most successful plugins for a obviously flawed rollout of a plugin.

****I did get warning messages to alert me of the change and espousing the greatness of the “New” programmer they had brought onboard, however the fact of intentional or un-intentionally disabling and opening websites to attack is an unconscionable and libelous act of negligence.

This was working fine until last update – now I’m locked out.
and no support forum exists on ithemes forum, not under new or old name.

Looking at the points above – its clear I can’t expect a fix.
It was working so well!!!

if I rename to get in and download 4.0.5 clean – locks me straight back out again.
So I can’t even update my settings! I can’t turn it on to start again.

Y U NO Test???
How am I going to clean out your tables ?

My tongue is BLEEDING right now because I’m biting it so hard not wanting to say what’s really on my mind.

The forum = NO HELP
The contact form = NONEXISTENT (https://ithemes.com/forum/topic/59073-hide-login-setting-how-to-log-in/)

I am totally locked out of my site and I really hope this isn’t a gimmick to “purchase the pro version” because I now do not have access to a client’s site that is HIS ENTIRE BUSINESS.

I just need to know DIRECTLY who I can email or get in touch with because everything else is going in circles.

I am beyond words right now.

EDIT:

Guys, quickest fix to get back into your sites is:

1. Login through your FTP
2. rename the better-wp-security folder to something else

You’ll get in right after that.

Thanks to Bluehost rep for helping me out, and hopefully, this helps you guys too.