WordPress: Problem with All in one WP Security & firewall
All in one WP Security & firewall is a fantastic security plugin but, sometimes, it can be dangerous and let us believe that everything is lost!
The web space settings is not always correct with the policies of All in one WP Security & firewall and sometimes you can have some conflicts that locked you out of our blog!
The problem often occurs after renaming the login page (brute force) added to some firewall rules. In fact, going directly to the login page www.mywebsite.com/wp-login.php or on the renamed www.mywebsite.com/access-incorporated/, we get a 404, 500 or similar error and we can not access the Admin panel to fix it the things.
No scare, the site is still in its place and I’ll explain how to go back through FTP and modifying the database with PhpMyAdmin.
Manually disable the All in one WP Security & firewall plugin:
First. Via FTP move in wp-content / plugins and rename the “all-in-one-wp-security-and-firewall” folder to “all-in-one-wp-security-and-firewall- disabled”. Another accomplice is usually the .htaccess file that is modified by the plugin in question, this file is in the root directory of the site, it is advisable to delete it.
NB Removing the .htaccess file very often prevents navigation on the site because he is responsible for rewrite permalink, so if we have modified the permalink structure using a different mode from the default one, they need some rules in the .htaccess file to get them work; As soon as we return, we will regenerate it.
Now, from the provider’s control panel, we’ll have to access the database using PhpMyAdmin, or anyway, with any other available tools: We move to the options table and look for option_name field. Search the record as aio_wp_security_configs.
This field contains all the plugin settings, eliminating it (or renaming it) will disappear all the security configurations that we activated it.
Now you can enter in you website in the normal way: www.mywebsite.com/wp-login.php The All in One WP Security & Firewall plugin will not find its folder and will automatically shut down.
Restore the .htaccess file
If the page links do not work, you should recreate it:
Let’s go to the Settings menu > Permalink here, there should be a click on “Save Changes”.
Reactivate the All in One WP Security & Firewall plugin:
We go back to FTP and move to wp-content / plugin, reporting “all-in-one-wp-security-and-firewall-disabled” to its original “all-in-one-wp-security-and-firewall” From the Admin panel, we refresh the page and in the Plugin menu we reactivate All in one WP Security & firewall. And this is all!
Now that you know how to save the situation, you can experience it safely in security, identifying the option that blocks you from accessing and always knowing how to go back.