I know this is a plugin issue and I have already posted on the developer forums, but it is a popular plugin so just wondering if anyone is having a similar problem to me.
I have been using the iThemes Security plugin for over a year now and install it on every WordPress site I create but I seem to be having a continous problem with one site. Last year the site was down a few times, this year maybe 2 or 3 and the problem seems to be the security plugin writing to the .htaccess file. The last time I did see where the code was ‘broken’, this time I am comparing the old .htaccess and the new .htaccess file and see one difference.
The start of the old one is:
# BEGIN iThemes Security # BEGIN Ban Users
The start of the new one is:
# BEGIN iThemes Security # BEGIN Ban Users # Begin HackRepair.com Blacklist
The site was receiving a 500 internal error, so I replaced the existing .htaccess file with a blank one (WordPress permalink structure inserted) and it was working fine. I had set the permissions on the .htaccess file to 444 as it seemed to get overwritten by the security plugin and cause the 500 error again. I had to deactivate the security plugin to stop it from overwriting the .htaccess file.
There is a WordPress update (4.0.1) and a Security plugin update to be done (4.4.23).
Any help much appreciated.