I'm currently trapped outside my website and despite having access to FTP and changing the .htaccess rules (or deleting) it doesn't help.
The site is a WordPress Website, so I might need help in identifying corners in WordPress where other files might have been modified.
The problem started with a plugin wp-simple-firewall I have my post here (https://wordpress.org/support/topic/403-forbidden-forceoff-didnt-help?replies=1#post-7283293).
everything on the website is accessible, except everything on "wp-admin" folder everything in it (/wp-login.php works but when I get to places like [domain]/wp-admin/post.php etc. it goes to 403).
What I did at first was backup the htaccess file, and then deleted it. (No luck)
The next one, I deleted the plugin folder (No luck)
I then looked into the plugin's author suggestion to make a file "forceOff" on the plugin directory. (No Luck)
I tried all suggestions online to fix 403 lockouts and still no luck with any of them.
I'm actually suspecting that some sort of caching plugin is retaining some files that shouldn't be loaded and it's display 403 for me even though it shouldn't.
This is what the icwp_wpsf_firewall_options look like which pertains to the plugin in question under wp_options table of WordPress:
a:16:{s:13:"ips_blacklist";
a:0:{}s:21:"page_params_whitelist";
a:0:{}s:14:"block_response";
s:20:"redirect_die_message";
s:22:"current_plugin_version";
b:0;
s:15:"enable_firewall";
s:1:"Y";
s:21:"include_cookie_checks";
s:1:"N";
s:19:"block_dir_traversal";
s:1:"Y";
s:17:"block_sql_queries";
s:1:"Y";
s:21:"block_wordpress_terms";
s:1:"N";
s:22:"block_field_truncation";
s:1:"Y";
s:14:"block_php_code";
s:1:"N";
s:22:"block_exe_file_uploads";
s:1:"N";
s:20:"block_leading_schema";
s:1:"N";
s:16:"block_send_email";
s:1:"N";
s:16:"whitelist_admins";
s:1:"N";
s:21:"ignore_search_engines";
s:1:"N";}
This is the current .htaccess content:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
Here are the Last Error Logs in cPanel. There are 300 errors but most of them look the same and all under the 8:00:00 hour. The time now is 12:00:00:
2015-08-11 08:34:18.108 [INFO] [###.###.3.163:42779] File not found [/home/***/public_html/403.shtml]
2015-08-11 08:32:46.674 [INFO] [###.###.3.191:16694] File not found [/home/***/public_html/404.shtml]
2015-08-11 08:32:46.674 [INFO] [###.###.3.191:16694] File not found [/home/***/public_html/architecture]
2015-08-11 08:32:37.429 [INFO] [###.###.2.6:38407] File not found [/home/***/public_html/404.shtml]
2015-08-11 08:32:37.429 [INFO] [###.###.2.6:38407] File not found [/home/***/public_html/perth-drafting-services/]
(directory info and IP withheld)
Note that the .htaccess file has been copied to both root directory (public_html) and public_html/wp-admin
It's very frustrating :(