rpvp

Above link did not post. Here it is again another way:
bit.ly/1R4UnId

Yes, I saw that and like it, but still waiting for the answer to someone else’s question about it. I cocmmented in the thread that I wanted to know too. It was about how many websites it can be used on, etc.

I like the live traffic feature. I can see immediatelty who to block — if they’re from Ukraine or China, etc, they have no business looking at a local hvac site.

And their scan feature of course. It easily restores modified files to the original version. I like how you can see what was modified.

I would also like to know the answer to this.

What do you mean by “have any plugins that relate to a2”. What is that?

Here’s an example, the WP codex on hardening wordpress says file permissions for wp-admin and wp-includes should be “writable only by your user account”. And yet this plugin recommends 755 for both.

So if it’s only my user account, isn’t that “700” or am I wrong on permissions?

Yes, I agree with that, but there are a lot of static files that can be protected. Maybe I’m wrong. Thanks

Sure. This plugin has a great feature that tells you when files have been modified. So likewise does Wordfence, but it allows you to restore the modified file back to the original from the WP repository.

I’m having a malware issue now, where several files are getting modified every day. Some of the files are in the wp-includes folder — js type files. Somtimes 100s of them.

My comment or question was, why can’t plugins like this do something to stop files from being modified in the first place?

Oh, yes, it goes away. I should have mentioned that, sorry. That was one of the first things I did. And like I said, I went into my htaccess and justed deleted that character string in that section. I then checked cpanel, and then the redirect was still there, but now with the next character string, which was “\:”

Here’s just part of the htaccess section:

#AIOWPS_ADVANCED_CHAR_STRING_FILTER_START
<IfModule mod_alias.c>
RedirectMatch 403 \,
RedirectMatch 403 \:
RedirectMatch 403 \;
RedirectMatch 403 \=
RedirectMatch 403 \@
RedirectMatch 403 \[

Just looking in cpanel in my add-on domain area or the sub-domain area. Both areas allow you to manage redirection.

I can’t post a pic here, but here’s a screencast. Ignore the red arrows — I was just using them to cover other info.

https://screencast.com/t/cAmEukCl9CAV

And I can stilll login fine. And it does not seem to have an effect on the site. I was having another issue and called hostgator. They noticed it and had a lot of questions about it.

Thank you very much.

Thanks guys. Is there a place in this plugiin where I can white list my IP? I accidentally got locked out.

Also, is this the only security plugin you’re running, or aslo using something like wordfence, etc? Thanks

Meaning de-activate all plugins, then install yours, then activate all again one by one? No, shouldn’t have to do that. Solved it by loging into my site via login.php, using optimize db plugin to delete all transients, then simply installed a DIFFERENT gallery plugin. Problem solved and I have a beautiful gallery.

Easy-tooltip works, but not for any markup or images unfortunately.

Great plugin support! That’s the fastest response I’ve ever received. Thank you for the good work.