Can anyone provide some insight on this? I really don’t want to update on our production environment if it’s going to cause our feeds to stop working.
Hey @karks88,
I do apologize for the delay in getting back to you here. This is caused by the encryption features recently added to our plugin which is a recent requirement from Facebook to use their API. In short, the Access Token has been encryption and after moving / wp-config.php tokens and salts being changed, our plugin can no longer decrypt it properly for API calls.
To ensure that you do not run into issues between staging and production sites, you will want to set specific encryption keys and salts for our plugin. For details on this please see our documentation here.
In short, in wp-config.php for both staging and live you will want to have the same matching key and salt, like so:
define(‘SBI_ENCRYPTION_KEY’, ‘add_encryption_key_here’);
define(‘SBI_ENCRYPTION_SALT’, ‘add_encryption_salt_here’);
Add these two lines and add the Key and Salt of your choice (they can be generated here if you want a properly created one). Again, these will need to be the same on both staging and production sites.
Note: You will need to reconnect once after doing this for any site you make the change on. After this, however, you should be all set going forward. If you have further issues let me know and I will get back to you as soon as possible.
Best regards.
Thanks for your help, @joelsmashballoon! I will give this a look.
-
This reply was modified 11 months, 2 weeks ago by
karks88.
-
This reply was modified 11 months, 2 weeks ago by karks88.
Hey @karks88,
Glad to be of assistance. Just a heads up, similarily, if you use our Facebook Feed, product the very same steps would be necessary, but the key and salt variables are called
CFF_ENCRYPTION_KEY
CFF_ENCRYPTION_SALT
Just to get ahead of any potential issues there. Let me know should you need anything else.
Many thanks.
@joelsmashballoon Thanks!
If we upgrade without the salts in place, will that also disable the feed on production, or can we safely update?
Hey @karks88,
If you do not put the specific same key/salts on both Staging and Production, if you push from staging to update production this will likely break the Instagram account connection. If you simply update the plugin on production (without pushing from staging) from a much lower version of the plugin from before the encryption changes (free version 2.9.4, pro version 5.12.4) everything should currently work as data will be encrypted on update with the available keys and salts on the site.
To prepare for any issues, if you need to reconnect any account you can manually create an Access Token and ID, to then manually connect if there are any issues. To get a token and ID use our tool here: https://smashballoon.com/instagram-feed/standalone/token/.
Best regards.
Hi @joelsmashballoon,
That makes sense – thank you! We have a version control setup that just pushes code – not the database values. So I think we’ll be in good shape, but will be prepared just in case.
Hey @karks88,
Just checking in to see whether everything is still alright on your end and if you need any further assistance? If you’re all se, we can mark the thread here as resolved for now and you are always welcome to reach out again should you have any questions in the future either here or on our website.
Many thanks.
Hi, @joelsmashballoon – We’re all good, thank you for checking! I have marked this as resolved 🙂
Please I have tried to work on the same issue several times.
The same problem persists.
The Site is live
Because the site is set to Generate Secret Keys every new week to help stop constant hacking, immediately this is done, the site connected to the Instagram feed plugin is lost.
How do We set the connection to be the same even if the Secret Keys is updated it does not disconnect?
Hey @danono,
Thank you for reaching out to us for assistance. While we are looking into ways of making the encryption work on a broader range of different setups and installations, a static Key & Salt is required for our plugin to keep the source connection valid.
Is it possible for you to simply set the SBI Salt & Key for our plugin the same? That will not affect the security of the rest of your site.
Best regards.
