I’ve noticed a trend lately. Nearly every support request I receive for any of the software I develop involves someone getting locked out of their website after installing Better WP Security. As such, to date we have managed to fix every issue which typically result from a host lockout due to too many 404 errors being hit in the “intrusion detection” part of the plugin. Here’s how to fix it:
Confirm the lockout is due to “intrusion detection”
First we need to make sure that intrusion detection really is causing the problem and not something else. Open up your database and find the table xxxxxx_BWPS_lockouts (where xxxxxx is your table prefix). In this table look for your IP address. If it is there this is probably the problem.
Clear the lockout
Delete the record with your IP address from the xxxxxx_BWPS_lockouts table and see if you have access to your site again. Note that in some cases you may be receiving so many 404 errors that you may immediately be locked out again. If this is the case check again for your IP address and move on to the next step.
Find out what is causing the 404 errors and fix each error
Open the table xxxxxx_BWPS_d404. In this table find the entries with your IP address (probably near the bottom of the file) and see what files they are pointing to. Each line represents a file that your site is pointing to (not within Better WP Security) but does not actually exist. You will need to manually fix these errors 1 by 1 to prevent lockouts from reoccurring.
Once you fix the errors you should no longer have any problems accessing your site and you’ll have the added benefit of having fixed them for Google and other search engines which may penalize you for too many errors.