Release iThemes Security Lockouts:
A common support request we receive for iThemes Security involves getting locked out after installing iThemes Security (formerly Better WP Security). iThemes Security lockouts usually result from too many 404 errors being hit in the “intrusion detection” part of the plugin.
Here’s how to fix it:
If you're an iThemes Sync user you can release this from your sync dashboard. Navigate to either the Overview or iThemes Security page and you'll see the setting to release it.
If you're not a Sync user you can manually release the lockout:
Confirm the lockout is due to “intrusion detection.”
Make sure intrusion detection is causing the problem and not something else. Open up your database and find the table xxxxxx_itsec_lockouts (where xxxxxx is your table prefix).
In this table, look for your IP address. If your IP is included in the table, intrusion detection is likely the lockout problem.
Clear the lockout.
In your database, delete the record with your IP address from the xxxxxx_itsec_lockouts table. Check to see if you have access to your site again.
Note: In some cases, you may be receiving so many 404 errors that you may immediately be locked out again. If this is the case, check again for your IP address and move on to the next step.
Find out what is causing the 404 errors and fix each error.
Open your iThemes Security Logs, find the entries with your IP address. Each line represents a file that your site is pointing that does not actually exist (hence the 404 error).
You will need to manually fix these errors 1 by 1 to prevent lockouts from reoccurring. Once you fix the errors, you should no longer have any problems accessing your site. You’ll also have the added benefit of fixing them for Google and other search engines which may penalize you for too many 404 errors.