Support » Plugin: Anti-Malware Security and Brute-Force Firewall » 147229470: NO_HTTP_REFERER

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Author Eli

    (@scheeeli)

    Hi Minh,
    There were issues with the NO_HTTP_REFERER error coming up on some iPad devices but that was fixed in the latest version of my plugin and I’m not sure that it was even relevant to Firefox on a OS X anyway, but I see that you are using an older version and so the first thing you should try is to update my plugin to the latest release. You can also try logging in with a different computer (I do not get that redirect page when I fail to login to your site from my PC).

    Secondly, There does seem to be some missing hidden fields on the login page for your site and it does not seem to be outputting the right HTML form if you have the Brute-force Login protection turned on in the Anti-Malware Fire Settings. There must be some other plugin or manipulative code that is altering your login page and interfering with my plugin. Do you have any caching plugin enabled?

    You should start by deactivating and deleting my plugin from your site. You can simply delete the gotmls folder from the plugins directory on your server using FTP or the File Manager in your hosting control panel if you cannot get into your wp-admin. Then you can login to your wp-admin and install my Anti-Malware plugin again. Then I would suggest that you got to the Firewall Options and Disable the Brute-Force protection right away. Then test your login page and re-enable the protection while you can test the login from the original Mac while you are still logged in and can disable it again if it still does not work. You can also do more testing by disabling any caching on your site and deactivating any other plugins that might be interfering.

    Please let me know what you find, and if you need any more help, you can also contact me directly:
    eli AT gotmls DOT net
    … especially if you want to share any info that you don’t want on this public forum. You only needed to provide me with the error number 147229470 for me to know what the problem was, all that other info in the safe-load URL that you posted might give away personal details that you don’t really want to have out there. If you can I would suggest editing your post and removing that safe-load URL.

    Plugin Author Eli

    (@scheeeli)

    Thanks for your email. I glad that you were able to getting it working.

    Unfortunately, Only a WP Moderator can edit your post now. I am tagging the following people who are moderators and might be able to help remove your private data from that URL that you posted.

    @jdembowski @macmanx @anevins @sterndata

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    What’s private about the URLs above?

    Plugin Author Eli

    (@scheeeli)

    It shows his POST_log (login) and REMOTE_ADDR mainly but the whole think can be removed.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I’ve removed the IP address but that is the only edit that will be performed. The URLs will not be deleted.

    Plugin Author Eli

    (@scheeeli)

    Don’t you think that the POST_log is the most private value that should be removed?

    Plugin Author Eli

    (@scheeeli)

    @jdembowski,
    I think that the POST_log is the most private value that should be removed.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    There really isn’t. Please stop @’ing me about this.

    The IP was removed. The rest is user agent and minor information. The POST_log=adminh may be a user id but that’s not sensitive. It’s not credentials and there’s no reason to edit it.

    Plugin Author Eli

    (@scheeeli)

    Sorry @minhternet,
    I did my best get a moderator to help you with the edit you wanted but I think I might have pissed her off (Sorry Jan, just trying to help Minh out).

    Anyway, I would suggest that you at least change your admin username again so that this info you posted would not help someone to brute-force your password.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘147229470: NO_HTTP_REFERER’ is closed to new replies.