07-10-2019, 07:28 AM
I think someone mentioned during our discussion about anti-virus, how those guys who are supposed to protect us can screw us at the same time as well. Since they have such deep access to our Windows, they can do a lot of damage either while they are trying to protect us, or maliciously.
It happened to me tonight.
Tonight was project update all of my blogs - like I have quite a large number of those. Not sure why, but I don't want to get rid of any of them yet. Anyway, one of them had one of my old and regular passwords to get into wp-admin. And I couldn't get in. Then Wordfence sent a notification to my e-mail saying that my password had been compromised, that my account is blocked, and I need to fix my password. So how on earth does a person fix a password, without access to a WordPress blog? WordFence then gave me the option to reset my password, saying it sent it to me by e-mail, and that never arrived (I checked my spam too). Apparently others have been caught this way too, so WordFence had alternative steps, which were to go into cpanel, and disable the WordFence plugin. I did that. And then when I tried to log in, I got the white screen of death. Thanks to WordFence! What kind of protection is this?
In the end I completely removed the WordPress installation and the add on domain, added both back in cpanel, then imported a backup with my all in one plugin, disabled WordFence in the backup just before logging into the imported backup, and finally was able to change the password to a secure password. Why didn't WordFence give me that option right in the beginning?
Guess the silver lining in this is that I now know I have a password problem. If I should come across any of my accounts with that password, I'll need to immediately change it. But it was frustrating to sort out the blog.
Now I have to think of ways to protect my blogs against WordFence. I don't want to let go of WordFence yet, as I do see positives. But I think it is time to find an alternative that is a little less bulky, simpler and lighter. And isn't as clumsy with protection as WordFence has just been. Any one got suggestions for an alternative?
It happened to me tonight.
Tonight was project update all of my blogs - like I have quite a large number of those. Not sure why, but I don't want to get rid of any of them yet. Anyway, one of them had one of my old and regular passwords to get into wp-admin. And I couldn't get in. Then Wordfence sent a notification to my e-mail saying that my password had been compromised, that my account is blocked, and I need to fix my password. So how on earth does a person fix a password, without access to a WordPress blog? WordFence then gave me the option to reset my password, saying it sent it to me by e-mail, and that never arrived (I checked my spam too). Apparently others have been caught this way too, so WordFence had alternative steps, which were to go into cpanel, and disable the WordFence plugin. I did that. And then when I tried to log in, I got the white screen of death. Thanks to WordFence! What kind of protection is this?
In the end I completely removed the WordPress installation and the add on domain, added both back in cpanel, then imported a backup with my all in one plugin, disabled WordFence in the backup just before logging into the imported backup, and finally was able to change the password to a secure password. Why didn't WordFence give me that option right in the beginning?
Guess the silver lining in this is that I now know I have a password problem. If I should come across any of my accounts with that password, I'll need to immediately change it. But it was frustrating to sort out the blog.
Now I have to think of ways to protect my blogs against WordFence. I don't want to let go of WordFence yet, as I do see positives. But I think it is time to find an alternative that is a little less bulky, simpler and lighter. And isn't as clumsy with protection as WordFence has just been. Any one got suggestions for an alternative?