WordPress.org

Ready to get started?Download WordPress

Forums

AdSense Click-Fraud Monitoring Plugin
[resolved] Important Security Issue (3 posts)

  1. Enelcaso
    Member
    Posted 8 months ago #

    Hi there,

    Ive installed CFM, and found out that if you are using basic apache security .passwd/.htaccess to protect your wp-admin folder. Result is that to users that are not logged in, an apache login/pass screen comes up every time you view a page.

    So I had eliminate temporarly the apache security, I think this a thing you might want to look into.

    The plugin is awesome, takes a BIG weight off my shoulders.

    Regards,

    enelcaso

    http://wordpress.org/plugins/adsense-click-fraud-monitoring/

  2. Rene Hermenau
    Member
    Plugin Author

    Posted 8 months ago #

    Hi Enelcaso,

    soory to say, but thats not the fault of my plugin its a lack of the way you implemented the htaccess and passwd:

    If you password protect your WordPress Admin directory, then it will break the Ajax functionality in the front-end, generally and for all othe rplugins. Here is how you fix that issue.
    Open the .htaccess file located in your /wp-admin/ folder
    In the wp-admin .htaccess file, paste the following code:

    <Files admin-ajax.php>
    Order allow,deny
    Allow from all
    Satisfy any
    </Files>

    You are done:)

    Cheers, René

  3. Enelcaso
    Member
    Posted 8 months ago #

    Fix worked Great!
    Thanks a lot!
    Enelcaso

Reply

You must log in to post.

About this Plugin

About this Topic