notrobo on "[Plugin: iThemes Security (formerly Better WP Security)] Site Vanished TWICE in a Week"

I'm using the free version of iThemes security for my wordpress site. Twice now, in the last week, my site (all file folders), has completely, suddenly vanished from my server. Isn't this something that iThemes security should prevent? Would it help to upgrade to iThemes Pro? I have several sites hosted by Bluehost, and this one in particular is the only one (knock on wood), that has been having this problem. Thanks for the help.

https://wordpress.org/plugins/better-wp-security/

Sounds like there's something seriously wrong with your server that would allow an outside user to delete your installation. Can you provide some additional information... like what other plugins you have installed? If other users have FTP/access to server? This sounds like something that may be beyond what any plugin can "prevent".

Are you saying that when you check the FTP/Server Directories you see ZERO files and that everything had been wiped/deleted from the server? Or is it simply that visiting the domain it sometimes is not accessible... but all the files are still on the server?

I have quite a few other plugins installed, but no one else has FTP access to my server except my hosting company. I suspect serious problems at Bluehost. for example, I recently created a brand new email address that I wanted to distribute only to my closest friends. No sooner did I create the address, when suddenly, without sending one email, I found myself buried in an AVALANCHE OF SPAM! How is this possible unless someone on the "inside" sold my address to spammers. Also, the first time my site disappeared, I got some Bluehost security person on the phone who said she could restore my site and prevent the loss from ever happening again by paying $200 a month! I'm thinking it's time to switch to another hosting company. Bluehost is doomed. Probably some "clever" CEO who's doing whatever it takes to increase profits so he can get his bonus, then disappear when his contract is up. This is happening all over America.

Without knowing too much of what has happened... you might be right about finding a new web host. :) I really hope you you'll find a new host home that works for you. That just seems very suspicious that a brand new email address would get all that spam unless the domain had been used before or something like that.

@notrobo

Anyway unless you have solid proof that the server was compromised as a result of a vulnerability in the iTSec plugin we can't really be of any help to you on this forum.

The iTSec plugin is designed to harden WordPress security.

Once someone eg gets a hold of your FTP login credentials there is no WordPress security plugin that is going to stop that attacker from logging into the server and delete whatever they want to.

dwinden

I have no idea exactly what happened, nor do I have solid proof about anything. Who could in a case like this. All I know is, the entire directory for my website suddenly vanished. I don't know if someone has ftp access or if some hacker got in there and deleted it. MY QUESTION NOW WOULD BE: "Should iTSec plugin prevent hackers from deleting folders from the server? Thanks

@notrobo

I think I already answered that question in my previous post.
But just to make sure there is no misunderstanding the answer to your question is: No.

dwinden

Thanks for the clarification. Now I definitely suspect inside sabotage at Bluehost. Maybe because I complained about how terrible their tech support has become?