Support » Fixing WordPress » Cheatin’ uh?

  • I realise this Cheatin’ uh? issue occurred some time ago and it also appears it was meant to be fixed about a year ago now according to some posts I found. It also appears to be a privilege related issue.

    Despite this issue appearing to be fixed some some ago it occurred for me for the first time just a few days ago.

    I was providing Yoast SEO Premium support via a tech user account access to my site.

    What I do lately when requiring support is use a dedicated support user account. This user has a subscriber status.

    I then use iThemes security pro to escalate the privileges to administrator for X amount of time.

    This way the site is reasonably safe if I happen to forget about access being granted without having to have this user set up with two factor and the like, simplifying access for the purpose of support.

    When Yoast support tried to access the sites customiser area they got the warning page Cheatin’ uh?

    So I tried to access the customiser from the tech support account and I saw the issue every time I tried too also.

    So I changed my theme to twenty sixteen and the same thing happened so its not theme related.

    Then I tried setting the tech support user account to administrator in the usual WordPress manner without going through iThemes user privilege escalation and the issue stopped occurring.

    Now while this could potentially be an iThemes security plugin issue they seem to think its a WordPress bug.

    The main purpose of this post is to establish what is causing it (iThemes security or WordPress) so the appropriate people can address the issue and fix it.

    Hopefully it doesn’t take to long for someone WordPress support related to recreate this issue and advise either way.

    Then I can either wait for WordPress dev to fix this problem in a future minor release and or so that I can inform iThemes it’s their plugin.


Viewing 2 replies - 1 through 2 (of 2 total)
  • I hate to be blunt but if it only happens with the plugin then it’s probably a plugin issue. That being said, there are cases where plugins are doing everything right and are limited by, or are at the mercy of core functionality ( intentional or otherwise ).

    If it is an issue with core someone is going to have to debug the issue and find the specific place in core where it’s breaking and steps to reliably reproduce the issue, then create a ticket in core trac. The bug will have to be reproducible without installing the plugin and probably shouldn’t even mention the plugin or it will likely get brushed off. The best people to do this would be the plugin developers.

    Blunt is all good lol

    Yeah I reckon it could be the latter. A core issue intentional or otherwise.

    I also said words to that effect to the plugin support in my last email.

    While waiting for their response I thought I would post this and see if my thoughts were confirmed.

    Next minute lo and behold they have been on both counts.

    Well done, 10 points haha


Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Cheatin’ uh?’ is closed to new replies.