Plugin continually reverts all custom settings to the initial defaults

  • Resolved sushidub

    (@sushidub)


    11 months, 1 week ago

    WP 6.4.2
    Solid Security 9.2
    PHP 8.1

    Three times today, another two times this past week, and once the week prior, Solid Security has reverted our custom settings to the ones that are set by default when initially setting up the plugin via the onboarding wizard. These events were not triggered by any of our users and/or deployments. They happened, seemingly arbitrarily.

    Each time the plugin reverted the settings, we lost all of our customization and forced to walk through each step of the setup wizard in order to reset the settings. For each time this has occurred, nothing in the logs points to how or why this may have happened.

    I would like to note that we critically rely on the plugins custom slug/entrypoint feature allowing us to mask the usual wp-login entrypoint with our custom slug. The feature and the plugin as a whole has worked just fine prior to this recent usurping of iThemes. Now, every time the plugin decides to revert, we naturally lose our customizations. Worse yet, our users (who aren’t aware of the technicalities involved when the plugin regresses), are being routinely banned by the same plugin due to the fact that their browser doesn’t recognize the default wp-login entrypoint. Their local cache is useless in an attempt to autofill (remember) login credentials. The problem is further compounded into confusion after the user unknowingly racks up three invalid login attempts in a row and told without explanation their IP has been banned.

    Since we’re a very large non-profit organization with over 800 registered WP users, half of which are logged in to the WP backend at any given (throughout the various time zones) dealing with this today was an internal nightmare .

    If we can’t find answers here or elsewhere in the very near term we’ll be replacing the plugin for one we can rely on.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @sushidub, thanks for reaching out! This appears to be a significant issue disrupting your organization, and we’ll help you get to the bottom of this.

    The plugin settings reverting to default is something that we don’t often come across, and at the moment, this is the only report we have had of it since the rebrand launch. There could be something specific to your site environment like a database corruption issue causing the automatic reset, a permissions issue causing the custom settings not to save, or even a caching-related issue.

    The Solid Security settings are stored in the wp_options table, particularly in the itsec-storage option name. Here is a short guide to see where the Hide Backend login slug setting is saved.

    If you have a staging site, I’d recommend testing the HBE setting there with no other third-party plugins and themes activated and seeing if you can reproduce the same issue where the plugin settings will automatically revert to default. If the problem persists there, please send us the steps to replicate the issue on our test environments.

    While testing, try creating a new post when the plugin settings are set to your custom configuration, and then check if that post will disappear along with the plugin settings reverting to default. If it does, the site database is likely being rolled back, and it’s not just the plugin settings that are reverting.

    I’d also encourage you to check for any unexpected behavior within your server: like temporary storage issues, resource limitations, misconfigured scheduled tasks, or file permissions issues that could possibly cause the plugin settings not to store correctly.

    While investigating the possible causes, here’s what you can do as a workaround to lessen the lockout instances for your site users: increase the Ban Threshold in your Security > Settings > Global Settings to 10.

    Hope this helps, and please let us know how it goes.

    Plugin Support chandelierrr

    (@shanedelierrr)

    Hi @sushidub,

    I hope the previous reply helped resolve the issue. Tracking notifications on this forum can become tricky over time, and since we haven’t received a response, I’ll mark this post resolved.

    If you still require further assistance, feel free to open a new support topic, and we’d be happy to assist.

    Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Plugin continually reverts all custom settings to the initial defaults’ is closed to new replies.