I used this plugin : http://wordpress.org/extend/plugins/better-wp-security/ to secure my self hosted blog. Now just today, I switched my host, and after transferring my website, updating the database details in the wp-config.php file, after changing permission from 0444 to 0644, and then after making the changes, back to 0444, I am unable to login. The title of my blog is a different color and style, when I go to the url I had set using the plugin for login, I get : Forbidden You don't have permission to access /wp-login.php on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. I tried deleting the .htaccess file, but then, when I went to /wp-login.php, I got the same error, and when I went to the set login url, I got 404 Not Found. Someone please help me with this ASAP!! There's only 1 day left until my old hosting account expires, and there's no way I can renew it now, as the domain expired a long while ago.
Someone please help me. This isn't specifically about the plugin. This is happening with my other sites as well, the login url or wp-admin show 403 errors.
I would reupload all WP files and delete files belonging to the plugin. (I am just guessing here, I hadn't encountered this issue before. Remember to back up everything)
For the best security, the Most common plugin is WP bulletproof security for your blog and almst all bloggers use this plugin.
WP is pretty secure itself and I think that there is no need to install any plugins that just slow down your blog.
Try out a caching plugin such as WP Super Cache or W3 Total Cache. WP is itself secured. The common security issue I met is to be spammed via login form (wp-admin). So my suggestion is to use "Login reCAPTCHA" plugin to protect the admin login form. That's enough