WordPress.org

Support

Support » Plugins and Hacks » Ultimate Maintenance Mode » [Resolved] Adding '?mshot=true' will bypass maintenance mode.

[Resolved] Adding '?mshot=true' will bypass maintenance mode.

  • I have figured out that if you add the option ?mshot=true to any URL when your site is in maintenance mode, it will allow anyone to bypass the maintenance mode. I know that this is supposed to be used for WordPress.com’s screenshot service but, is a major flaw in the purpose of the plugin. I have noticed the following hostnames using this URL option under WordFence live activity on my sites:

    • *.sat.wordpress.com
    • *.static.reverse.ltdomains.com

    You should fix this flaw so it will allow the screenshot service from only WordPress.com through and keep all others out.
    – Thanks

    http://wordpress.org/extend/plugins/ultimate-maintenance-mode/

Viewing 8 replies - 1 through 8 (of 8 total)
Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘[Resolved] Adding '?mshot=true' will bypass maintenance mode.’ is closed to new replies.
Skip to toolbar