That’s pretty much inevitable since both plugins are trying to do much the same thing as far as security is concerned. You need to choose one or the other.
I guess I thought the 2 were entirely different:
2smember for membership only
Ithemes security for security
or does 2Smember secure my website also? I only have it so
I use it only as membership
Do I need to delete Ithemes security
What would you do for security for membership website?
thank you for your time
s2Member also secures your site.
I have tried many other security plugins to see if they would work with s2Member and all but one of those I’ve tried causes problems. So I’d definitely delete iThemes if you want to continue using s2Member.
The one that I have found compatible is Clean Login, which enables you to move the login page away from the default, forces a strong password when a user resets it and, for free registrations, uses a honeypot trap to prevent spam registrations.
To be honest, though, the best security is actually provided outside of WordPress. So if this is really important to you, you need to talk to your host to find out what measures they have in place to protect your site.
I appreciate your time and thank you ever so much
Ithemes security is the 3rd security I have tried with the website
Woodfence, Sitelock and now Ithemes. I guess I will depend on s2member.
and I got Sitelock through Bluehost but it was 123.00 a month and could keep going up. Just too much since I have not started marketing because my website is not locked down.
Since I am really a novice at this – is there anything I can do myself in my website to keep it from spam, virus or malware.
website is; http://mbshls.com
The three most important things are (a) to avoid using admin as a username, because that’s what bots use to hack sites, (b) to use a host — probably a managed host — that takes security seriously, because what they can do is far more powerful than almost anything you can do, and (c) to avoid using plugins that expose your site to security vulnerabilities.
After that, it’s a matter of weighing security against convenience. For example, moving the login page is a simple security measure. So too is enforcing strong passwords, though some people find both inconvenient.
Another option is preventing Open Registration — but, then again, you might want passers-by to be able to sign up for free. In that case, you need to look at plugins that specifically target preventing spam. There are plenty in the repo and, so long as that’s all they do, they’ll work fine with s2Member because s2 doesn’t attempt to do the same thing.
1. deleted Ithemes security
2. deactivated s2member – then re-activated
3. have actually put in each page ID (which is a plugin)
but not locking down each page like I would like.
4. restarted computer also.
5. do not know how to get back where I was before Ithemes security
3. have actually put in each page ID (which is a plugin)
I don’t understand what you mean.
Have you checked to see that the Membership Options Page has been set? Maybe iThemes changed this.
Finally, I have solved the problem(I am the problem)
1. Under membership option it is correct and has the payment button as it should.
2. under restriction options: page access restrictions I put in page ID’s like I should.
3. so then went to my IPhone(where I am not Administrator) and it worked perfectly.
4. when I am Adminstrator – the pages are open and not locked down as I want but when I go to upload my website where I am not Administrator it works like it should
5. There are so many things in s2membership that it is scarry for people like me who are novices but I do appreciate your help
Ah, yes! You do have to be logged out to test security settings.
Glad you got it worked out!
LeePatt,
In addition to using your iPhone for testing, you might also consider 2 different browsers on your computer.
For me, I do my work on my Chrome browser as Admin and do my testing on Firefox.
On the other browser (Firefox) I’m treated as a visitor because I’m not logged in like I am on the Chrome browser.
You might also try creating additional ‘dummy’ or test accounts so that you can test in your ‘testing’ browser as a visitor, free subscriber, level 1 member and so on all without ever logging out of your ‘working’ browser as Admin.
Just an idea – hope it helps.
– Steve D.
