Hi Mamu,
would you be able to post your website URL so that I can run some tests on my end? I checked the site mentioned in your profile, but Slimstat doesn’t seem to be installed on it.
Thank you,
Jason
-
This reply was modified 6 years, 11 months ago by
Jason Crouse.
Here it is:
http://www.mamuphoto.it/
The plugin is installed and activated.
Grazie,
mamu
Ok, let’s see if we can troubleshoot possible causes for the issue, as I don’t see the tracking code anywhere in your source code:
– Is Slimstat currently active on your blog?
– Is “Tracking” enabled in the settings?
– Is the tracker returning any errors under Settings > Maintenance?
– Do you have any caching plugins preventing Slimstat from working as expected?
– Any errors in your web server error log?
Let’s start from here.
Jason
– Is Slimstat currently active on your blog?
Yes
– Is “Tracking” enabled in the settings?
Active tracking is OFF, because with the older plugin releases i had some issue with my images galleries.
I set it ON and nothing changed.
Here is a screenshot of that page with the actual settings
https://drive.google.com/open?id=0B0jjmAu8ZTn1QXh4SjNkdzYySlk
– Is the tracker returning any errors under Settings > Maintenance?
No errors
– Do you have any caching plugins preventing Slimstat from working as expected?
I think no, not sure about it
– Any errors in your web server error log
Sorry, but i don’t know how to get it
Afterall, i’ve clicked on the “Enable SQL Debug”,
and the the traking now works. I don’t now why.
Now “SQL Debug” is disabled, and the plugin still works fine
Can you see changes by your end now?
Do you need other infos?
Thank you,
mamu
Hi @damianomalorzo,
Attiva tracciamento (Enable Tracking) is “Off” (on your screenshot). It could be reason why plugin doesn’t enqueue script. If it’s on, you should see slimstat script in HTML source. (check it first)
Related to issues with images galleries, you can exclude some CSS classes in “Tracker -> Link Tracking”. I had similar issues and it helps. Also, please check browser console, maybe there are some JS errors which block running of scripts.
Also (it isn’t related to this plugin), it’ll be helpful if you switch to pretty permalinks. Maybe it’s issue related to .htaccess or something like this. (eg. nginx server). More info on https://codex.wordpress.org/Using_Permalinks and https://codex.wordpress.org/htaccess
Sasa
Hi Sasa,
for now it seems the plugin works (yesterday i wrote how i did), i’ve set the “Active Tracking” ON.
I’m monitoring its behaviour for some day.
Tank you,
mamu
I just saw 404 (AJAX request) error on your website. I made screenshot:
I’m not sure that works as should. You can debug it trough web console. Instructions – how to open web console:
https://codex.wordpress.org/Using_Your_Browser_to_Diagnose_JavaScript_Errors
https://developer.mozilla.org/en-US/docs/Tools/Network_Monitor
https://developers.google.com/web/tools/chrome-devtools/network-performance/resource-loading
You will see POST admin-ajax.php (same as on my screenshot) when you select XHR in Network tab. You should see status 200, then when you click on admin-ajax.php, you will see “Response tab” where is only one line with some number.
It’s possible that some security measures blocks these requests. Try to find your apache logs, it depends on installation/hosting. I can send instructions if you send some details about hosting.
Hi,
excuse me if i took sometime to reply, but many of the things you wrote are new for me and i needed time to look for.
I’m trying to use the console of Chrome not Firefox.
I saw what you said,
here is a screenshot and a lot of errors
https://drive.google.com/open?id=0B0jjmAu8ZTn1RGVqckI0a0tlUVU
How can i get Apache logs?
About my hosting i know that is linux based, What kind of other info do you need ?
Thank you
You can ask your service provider to help you find you apache logs.
Jason
Hi,
i’m waiting for a reply by my provider…
Thank you,
mamu
Hi,
my provider wrote:
” These are the logs
[Fri Jun 09 12:07:11 2017] [error] FastCGI: server “/home/mamuphoto.it/usr/local/wrappers/php5-fcgi” stderr: PHP Notice: Undefined index: token in /home/mamuphoto.it/public_html/wp-admin/admin-ajax.php on line 1, referer: http://www.mamuphoto.it/wp-admin/admin.php?page=slimview5
[Fri Jun 09 12:07:11 2017] [error] FastCGI: server “/home/mamuphoto.it/usr/local/wrappers/php5-fcgi” stderr: PHP Notice: Undefined index: token in /home/mamuphoto.it/public_html/wp-admin/admin-ajax.php on line 1, referer: http://www.mamuphoto.it/wp-admin/admin.php?page=slimview5
[Fri Jun 09 12:07:11 2017] [error] FastCGI: server “/home/mamuphoto.it/usr/local/wrappers/php5-fcgi” stderr: PHP Notice: Undefined index: token in /home/mamuphoto.it/public_html/wp-admin/admin-ajax.php on line 1, referer: http://www.mamuphoto.it/wp-admin/admin.php?page=slimview5
[Fri Jun 09 12:07:11 2017] [error] FastCGI: server “/home/mamuphoto.it/usr/local/wrappers/php5-fcgi” stderr: PHP Notice: Undefined index: token in /home/mamuphoto.it/public_html/wp-admin/admin-ajax.php on line 1, referer: http://www.mamuphoto.it/wp-admin/admin.php?page=slimview5
[Fri Jun 09 12:07:12 2017] [error] FastCGI: server “/home/mamuphoto.it/usr/local/wrappers/php5-fcgi” stderr: PHP Notice: Undefined index: token in /home/mamuphoto.it/public_html/wp-admin/admin-ajax.php on line 1, referer: http://www.mamuphoto.it/wp-admin/admin.php?page=slimview5
Probably the plugin conflicts with the security code in /wp-admin/admin.php. This is a code to prevent SQL injection attacks. The code is automatically entered in the first few lines of the file.
At the moment it does not, maybe you probably have already corrected it.
To avoid adding code, I can exclude your site from entering this code.
If you confirm, I will proceed.”
The plugin for some days worked almost properly, but in these few day is not working good again.
What do you suggest me?
Do I say to my provider to exclude my site from auto entering code?
Or what?
Thank you,
mamu
….and this is what mostly happens when i look for stats with your plug in
https://drive.google.com/open?id=0B0jjmAu8ZTn1dnI0S25EczZTTWs
Just to let you know best.
Thanks
Hi @damianomalorzo
PHP notice is strange because I can’t find token in admin-ajax.php. I see that post request for admin-ajax.php returns regular respond and status 200.
It’s possible that some security measures on the server makes troubles, but I think that isn’t related only to slimstat plugin. I’m sure that affects more plugins and maybe WP core.
I don’t know details, but changing of WP core (if your hosting provider does it), it doesn’t seem as good idea. So, I advise you to exclude your website from this feature.
One of possible way to prevent SQL injections are rules in .htaccess. An example:
# Block MySQL injections, RFI, base64, etc.
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC,OR]
RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC]
RewriteRule .* - [R=404,L]
Also there are other rules to increase security:
http://www.wpbeginner.com/wp-tutorials/9-most-useful-htaccess-tricks-for-wordpress/
https://codex.wordpress.org/Hardening_WordPress#Securing_wp-includes
One good way is two factory authentication (you can see in previous URL) – apache htpasswd before WP authentication.
From server side, apache offers mod_security ( https://modsecurity.org/about.html ) which is more efficient. I’ve good experience with this apache module and I didn’t notice troubles related to WP.
I hope that helps. It’s tricky to give any advice about security, but try to add extra rules in .htaccess and 2FA (two factory authentication). Also regular updates are very important.
Sasa
Thank you,
i will take a look in the next few days.
Damiano
Goodmorning,
@sasa: the first way you suggest;
where can i use the code you wrote?
Where do i have to create the .htaccess? Which is the path?
Thank you to you all for helping,
Damiano
