Removing row 630 from loginlock.php fixes the problem.
Here’s a diff with backwards compatibility:
https://gist.github.com/1605009
Thread Starter
Joseph G
(@evolutionaryit)
Toni,
Great thanks! Do you know if there is any plan to release a fix in the form of an update?
My password on my WP installation has expired, and when i log in w/ my user/pass i receive this message
Fatal error: Call to undefined function is_rtl() in /home/ffda/public_html/wp-includes/general-template.php on line 2102
If i disable the “require password changes” field, setting to 0, my user work fine.
Any ideas? 🙂
Versions: Login Lock == v2.2.3
and WP == 3.3.1
Thread Starter
Joseph G
(@evolutionaryit)
Looks like we have to disable this feature until a plugin update happens addressing these bugs…
I’m having this problem too.
I researched it and found this post, which is what helped me realize it was being caused by a plugin. Then I noticed that others in the comment thread were saying Login Lock was the problem. Mine worked fine with the upgrade until it was time to change the password today, then I got the error everyone here is talking about.
http://www.famousbloggers.net/getting-ready-for-wordprss-3-3-solve-fatal-error-call-to-undefined-function-is_rtl.html
I’m just now in class for HTML/CSS, so I’m afraid Toni’s post and link, though helpful, doesn’t make much sense to me.
Does this mean I have to remove this plugin? It was really helping me. It’s already shown me over 20 hacker attempts on my site that I’m then able to go into my admin panel and block those IP addresses.
Mostly, though, now that I see all those hacker attempts, I don’t want to leave my site vulnerable.
Does anyone know of any similar plugins I can use when I disable this one?
THanks.
Thread Starter
Joseph G
(@evolutionaryit)
There is a bug in the current version of this plugin. You can disable the Password Policy Settings in Login Lock as below until there is a fix for the plugin:
Set => Enable the password policies shown below to NO
OR
Here are a few others that might do what you need:
http://wordpress.org/extend/plugins/lockdown-wp-admin/
http://wordpress.org/extend/plugins/simple-login-lockdown/
http://wordpress.org/extend/plugins/limit-login-attempts/
I’ve not used or tested these so I can’t comment on them.
Thank you so much Evolutinarit but if I have to disable the plugin through FTP access via my web host (they’ll have to do this for me until I learn how to code) how will I be able to do what you’re suggesting? Right? I won’t be able to get back in to the plugin, will I?? (I’m still new to all this.)
I think I may try this all-inclusive plugin. Do you know anything about it?
http://wordpress.org/extend/plugins/better-wp-security/
Plugin Author
Mark
(@wpsec)
If you guys bother to check the FAQ section in README you’d find really really really clear info on how to report bugs – which incidentally doesn’t includes using this forum. Just sayin’…
Fortunately a forum reader went to my site and sent me a note via the contact form – the preferred way to deal with issues with my software.
It’s probably good practice to check the README for all plugins.
That said, I’ll look into fixing this issue.
Thread Starter
Joseph G
(@evolutionaryit)
Hello Mark,
Thanks so much for your contributions to the WP community! You & your plug-ins rule! =)
Plugin Author
Mark
(@wpsec)
As a follow up, it was evolutionaryit who contacted me. Thanks.
Fix is forthcoming.
I’ve appreciated this plugin. It’s helped me ward off many hacker attempts. So thanks. I’m glad you’ll fix the bug so that I can re-install it later.
However, this message board is where I was taken after I clicked on the box “Compatibility” with newest WP version button to indicate the plugin wasn’t working properly.
So, while I appreciate you’re pointing out the “README” just want to let you know that was not where I was directed when I came to the page to try to research the issue.
Mark,
What is your ETA for the fix on this? I’m debating whether to wait, or go in and install something else for security until this is fixed so I can do my admin work.
Eagerly awaiting this fix too!
Same problem here. I’ve tried to remove line 630 from loginlock.php as suggested, but although that gives me the reset password page, it won’t accept any password as new ones saying that they’ve been used before (they haven’t).
Am I right in saying that I can just remove the loginlock plugin by FTP to uninstall it? That won’t affect anything else?
Thanks
