WordPress Security Plugin Issue

allanlud · November 28, 2014, 10:15am

I know this is a plugin issue and I have already posted on the developer forums, but it is a popular plugin so just wondering if anyone is having a similar problem to me.

I have been using the iThemes Security plugin for over a year now and install it on every WordPress site I create but I seem to be having a continous problem with one site. Last year the site was down a few times, this year maybe 2 or 3 and the problem seems to be the security plugin writing to the .htaccess file. The last time I did see where the code was ‘broken’, this time I am comparing the old .htaccess and the new .htaccess file and see one difference.

The start of the old one is:

# BEGIN iThemes Security
# BEGIN Ban Users

The start of the new one is:

# BEGIN iThemes Security
# BEGIN Ban Users
  # Begin HackRepair.com Blacklist

The site was receiving a 500 internal error, so I replaced the existing .htaccess file with a blank one (WordPress permalink structure inserted) and it was working fine. I had set the permissions on the .htaccess file to 444 as it seemed to get overwritten by the security plugin and cause the 500 error again. I had to deactivate the security plugin to stop it from overwriting the .htaccess file.

There is a WordPress update (4.0.1) and a Security plugin update to be done (4.4.23).

Any help much appreciated.
Thanks,
Al.

allanlud · November 28, 2014, 11:22am

I have updated WordPress and the security plugin, all seems to be working ok at the moment.

The file size of the ‘broken’ .htaccess file was 91KB and the new .htaccess file is 71KB. The difference between them is code that starts with:

# BEGIN HTML5 Boilerplate .htaccess

Would this be coming from the security plugin, does anybody know?

system · February 27, 2015, 6:37pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.