Title: Dr. Sahil Baghla's Replies | WordPress.org

---

# Dr. Sahil Baghla

  [  ](https://wordpress.org/support/users/andy786/)

 *   [Profile](https://wordpress.org/support/users/andy786/)
 *   [Topics Started](https://wordpress.org/support/users/andy786/topics/)
 *   [Replies Created](https://wordpress.org/support/users/andy786/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/andy786/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/andy786/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/andy786/engagements/)
 *   [Favorites](https://wordpress.org/support/users/andy786/favorites/)

 Search replies:

## Forum Replies Created

Viewing 11 replies - 1 through 11 (of 11 total)

 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Shield Security – Smart Bot Blocking, Brute-Force Login Protection & File Scanning] Query Regarding Traffic Rate-Limiting and Block Bad IP/Visitors Functionality](https://wordpress.org/support/topic/query-regarding-traffic-rate-limiting-and-block-bad-ip-visitors-functionality/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [2 years, 7 months ago](https://wordpress.org/support/topic/query-regarding-traffic-rate-limiting-and-block-bad-ip-visitors-functionality/#post-17215091)
 * Hi Paul,
 * Thank you for your prompt response. I acknowledge your message regarding the 
   direct linking feature between the CrowdSec premium account and Shield being 
   a premium-only feature.
 * I appreciate your clarification on the appropriate platform for further discussion,
   and I will reach out via email to continue the conversation and for exploring
   potential options.
 * Thanks again for your assistance.
   Best Regards,Dr. Sahil Baghla
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[WP Offload Media Lite for Amazon S3, DigitalOcean Spaces, and Google Cloud Storage] Rewriting Local URL is not functionable for User Avatars Images](https://wordpress.org/support/topic/rewriting-local-url-is-not-functionable-for-user-avatars-images/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/rewriting-local-url-is-not-functionable-for-user-avatars-images/#post-17079027)
 * Hello WP Offload Media Support Team,
   I would be contacting “Simple Local Avatars”
   support team about this issue and will point them to your documentation about
   filtering URLs.
 * Meanwhile, I have successfully implemented a manual workaround for uploading 
   Avatar. I am writing it over here. It could be beneficial for other Free/Pro 
   users of your Offload Media plugin until the “Simple Local Avatars” plugin doesn’t
   tweak their plugin for using WordPress hooks.
   **The Manual Workaround is as follows**:
   Dashboard -> Settings -> WP Offload Media -> Media
 * -> Offload Media option Turned On (Copies media files to the storage provider
   after being uploaded, edited, or optimized)
   -> Remove Local Media to be turned
   OFF -> Uploading the image file as Avatar. Now It will have the Local URL as 
   well storage provider URL. -> Remove Local Media to be turned OFF (**Note: It
   is important to skip the next option Remove all files from the server** “You’ve
   enabled the “Remove Local Media” option. Do you want to remove all existing files
   from the server that have already been offloaded? Click on **Skip**)Because we
   don’t have the Avatar image present locally at the Server with the local URL 
   to be removed.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [How to remove malware from wordpress site?](https://wordpress.org/support/topic/how-to-remove-malware-from-wordpress-site-2/)
 *  [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 4 months ago](https://wordpress.org/support/topic/how-to-remove-malware-from-wordpress-site-2/#post-16556966)
 * Carefully follow [this guide](https://wordpress.org/support/article/faq-my-site-was-hacked/).
   When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://wordpress.org/support/article/hardening-wordpress/)
   and [start backing up your site](https://wordpress.org/support/article/wordpress-backups/).
    -  This reply was modified 3 years, 4 months ago by [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/).
    -  This reply was modified 3 years, 4 months ago by [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/).
    -  This reply was modified 3 years, 4 months ago by [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/).
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Proxy & VPN Blocker] Restricted Country/Continent Option is not working properly](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/#post-16117711)
 * Hi Rick,
 * I have updated the plugin to version 1.10.4. I completely understand your busy
   schedule. I have used the “Allow Staff Bypass” option “Protect on Login/Auth”
   being off. And it is working perfectly, and staff like the Editor/Author can 
   log in to the website.
 * Your tool has done a great job at blocking VPN / proxies. We noticed that some
   people were able to use Google Translate ([https://translate.google.com/](https://translate.google.com/))
   and visit our website even from the blocked countries list. Google translate 
   is essentially a proxy server. You may also check the reference article for the
   same at [https://www.onlinecmag.com/use-google-translate-proxy-server/](https://www.onlinecmag.com/use-google-translate-proxy-server/).
 * For some reason, your tool did not block these requests. Do you know why this
   would be the case? Any help or suggestions would be greatly appreciated. Thanks!
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Proxy & VPN Blocker] Restricted Country/Continent Option is not working properly](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/#post-16092312)
 * Hi [@rickstermuk](https://wordpress.org/support/users/rickstermuk/),
 * It is excellent that you are working on a solution for the same. But how long
   is it going to take? I am curious to implement the updated plugin on all my websites.
 * Regards,
    Sahil B.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Proxy & VPN Blocker] Restricted Country/Continent Option is not working properly](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/#post-16076470)
 * Rick,
 * It is to inform you that it works perfectly for Admin account privilege. But 
   when I tried to log in by editor/author/subscriber account. It is not working.
   The same VPN blocking restriction is functioning over there.
 * You did put a check in the code for “Block on Login/Authentication”, if that 
   setting is off and “Block on Entire Site” is on, it doesn’t now run on wp-login.
   php only for the Admin account.
 * I believe you have added some code to make the admin account workable over there.
   It would be best if other accounts like editor/author/subscriber should also 
   be able to access the WordPress dashboard.
 * Thanks for the effort.
    -  This reply was modified 3 years, 9 months ago by [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/).
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Proxy & VPN Blocker] Restricted Country/Continent Option is not working properly](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/#post-16073695)
 * Hi Rick,
 * It is working perfectly. Country blocking works perfectly with the turning on
   option, i.e., Block on Entire Site. And at the same time, teammates can easily
   log in to the website from wp-login.php as “Block on login/authentication” is
   Off.
 * But Login Authentication [http://www.site.com/wp-admin/](http://www.site.com/wp-admin/)
   is not working. The login page only comes after writing [http://www.abc.com/wp-login.php](http://www.abc.com/wp-login.php).
   A regular user does login to the WordPress site either thru Login Authentication
   by writing [http://www.site.com/wp-admin](http://www.site.com/wp-admin) or [http://www.site.com/wp-login.php](http://www.site.com/wp-login.php)
 * It is important that [http://www.abc.com/wp-admin/](http://www.abc.com/wp-admin/)
   should also work. I am curious to see a patch for your side soon for the same
   too.
 * Sahil B.
    -  This reply was modified 3 years, 9 months ago by [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/).
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Proxy & VPN Blocker] Restricted Country/Continent Option is not working properly](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/)
 *  Thread Starter [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/restricted-country-continent-option-is-not-working-properly/#post-16066215)
 * Hi Rick
 * There is no page other than wp-login.php for logins like a custom login page 
   or login page Plugin.
 * Yes, there is an issue if the setting “Block on All Pages” was active while Restrict
   on Login/Authentication was off. It doesn’t work. That is the issue I am also
   explicitly pointing out.
 * It is specifically needed that “Block on all pages” need to be active while Restrict
   on Login/Authentication to be Off. And the wp-config page is required to be accessible.
   And accordingly, visitors from Blacklisted countries will not be able to access
   the website. But as we have turned Off the option, i.e., Restrict on Login/Authentication
   to be off, then at least our teammate (Admin, editor wp users) can access the
   Login/Authentication page.
 * I am curious to see a patch for your side soon. So that those two settings can
   be used together. Meanwhile, let me know how much it is going to take.
 * As there are some bad actors visiting our sites from a specific country. And,
   We can block them by setting that country in the restricted country option. They
   can’t even come from proxy IP because your excellent plugin option, i.e., “Block
   on all pages, ” to be active. But teammates from that country cannot access the
   wp-login.php login page so that they can log themself in and are out from restrictions
   while they work on the site. As Protect login authentication option being turned
   Off needs to work together with “Block on all pages”. Thanks in advance for the
   effort you are putting for this plugin.
 *   Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
   
   In reply to: [Photo crop not reflected in page display](https://wordpress.org/support/topic/photo-crop-not-reflected-in-page-display/)
 *  [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/photo-crop-not-reflected-in-page-display/#post-16061430)
 * The issue which you are facing with cropping is similar to this Ticket. I have
   already reported to WordPress at [https://core.trac.wordpress.org/ticket/55070](https://core.trac.wordpress.org/ticket/55070)
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Malware Scan ccode.php](https://wordpress.org/support/topic/malware-scan-ccode-php/)
 *  [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [5 years, 10 months ago](https://wordpress.org/support/topic/malware-scan-ccode-php/#post-13321918)
 * [@tlartaud](https://wordpress.org/support/users/tlartaud/) Can you let us know
   the name of Infected plugin which you downloaded from the web?
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Malware Scan ccode.php](https://wordpress.org/support/topic/malware-scan-ccode-php/)
 *  [Dr. Sahil Baghla](https://wordpress.org/support/users/andy786/)
 * (@andy786)
 * [5 years, 11 months ago](https://wordpress.org/support/topic/malware-scan-ccode-php/#post-13201377)
 * [@thegrbteam](https://wordpress.org/support/users/thegrbteam/) Did it came back
   for you? I have multiple WordPress installations at my hosting. I have cleaned
   all but still, it is returning back. [@thegrbteam](https://wordpress.org/support/users/thegrbteam/)
   [@hcn101](https://wordpress.org/support/users/hcn101/) [@kmilomore](https://wordpress.org/support/users/kmilomore/)
   Do you know the root cause of this file ccode.php?
 * It is effecting 1000 of sites nowadays. You can read about it at [https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/](https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/)

Viewing 11 replies - 1 through 11 (of 11 total)