Title: axtonc's Replies | WordPress.org --- # axtonc [ ](https://wordpress.org/support/users/axtonc/) * [Profile](https://wordpress.org/support/users/axtonc/) * [Topics Started](https://wordpress.org/support/users/axtonc/topics/) * [Replies Created](https://wordpress.org/support/users/axtonc/replies/) * [Reviews Written](https://wordpress.org/support/users/axtonc/reviews/) * [Topics Replied To](https://wordpress.org/support/users/axtonc/replied-to/) * [Engagements](https://wordpress.org/support/users/axtonc/engagements/) * [Favorites](https://wordpress.org/support/users/axtonc/favorites/) Search replies: ## Forum Replies Created Viewing 13 replies - 1 through 13 (of 13 total) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] Brute Force Login attempts despite login rename](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [9 years ago](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/#post-9082629) * Thanks Here are the error messages when running under Desktop Server: * Warning: call_user_func() expects parameter 1 to be a valid callback, no array or string given in C:\Users\MyDocs\Documents\Websites\www.myDTSsite.dev\wp-includes\ functions.php on line 2538 Call Stack # Time Memory Function Location 1 0.0038 202368 {main}( ) ..\index.php:0 2 0.0048 246032 require_once( ‘C:\Users\MyDocs\ Documents\Websites\www.myDTSsite.dev\wp-admin\admin.php’ ) ..\index.php:10 3 0.0052 258600 require_once( ‘C:\Users\MyDocs\Documents\Websites\www.myDTSsite. dev\wp-load.php’ ) ..\admin.php:31 4 0.0056 266056 require_once( ‘C:\Users\MyDocs\ Documents\Websites\www.myDTSsite.dev\wp-config.php’ ) ..\wp-load.php:37 5 0.0064 344048 require_once( ‘C:\Users\MyDocs\Documents\Websites\www.myDTSsite.dev\wp- settings.php’ ) ..\wp-config.php:90 6 1.5139 20450824 do_action( ) ..\wp-settings. php:413 7 1.5140 20452096 call_user_func_array:{C:\Users\MyDocs\Documents\Websites\ www.myDTSsite.dev\wp-includes\plugin.php:525} ( ) ..\plugin.php:525 8 1.5140 20452160 AIO_WP_Security->aiowps_wp_loaded_handler( ) ..\plugin.php:525 9 1.5140 20452296 AIOWPSecurity_WP_Loaded_Tasks->__construct( ) ..\wp-security-core.php: 219 10 1.5149 20494336 AIOWPSecurity_Process_Renamed_Login_Page::renamed_login_init_tasks()..\ wp-security-wp-loaded-tasks.php:16 11 1.5150 20494832 wp_die( ) ..\wp-security- process-renamed-login-page.php:106 12 1.5150 20495216 call_user_func:{C:\Users\ MyDocs\Documents\Websites\www.myDTSsite.dev\wp-includes\functions.php:2538} ()..\ functions.php:2538 * ( ! ) Warning: Cannot modify header information – headers already sent by (output started at C:\Users\MyDocs\Documents\Websites\www.myDTSsite.dev\wp-includes\functions. php:2538) in C:\Users\MyDocs\Documents\Websites\www.myDTSsite.dev\wp-includes\ pluggable.php on line 1224 Call Stack # Time Memory Function Location 1 0.0038 202368 {main}( ) ..\index.php:0 2 0.0048 246032 require_once( ‘C:\Users\MyDocs\ Documents\Websites\www.myDTSsite.dev\wp-admin\admin.php’ ) ..\index.php:10 3 1.5458 22378080 auth_redirect( ) ..\admin.php:84 4 1.5466 22378704 wp_redirect()..\ pluggable.php:1084 5 1.5468 22385760 header ( ) ..\pluggable.php:1224 * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] Brute Force Login attempts despite login rename](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [9 years ago](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/#post-9081550) * Hi Both the theme developer and I have been doing some testing on the redirect of the renamed login page issue. In all cases I have deactivated all plugins except yours. The theme developers can’t reproduce the problem at all. But I found that with some other themes I tested there was no problem but with one theme (annoyingly the one I am using – which is a very popular theme with a high number of other users) I do still get this problem both on my hosted server and with a version on Desktop Server. However with the Desktop Server I do at least get some error messages. I have taken a screen shot of these and the theme developers support have looked at this and say there are no references to their theme or functions. Is there some way I can send you the screen shot so you can see these messages? Thanks * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] Brute Force Login attempts despite login rename](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [9 years ago](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/#post-9073384) * I don’t think its the membership module – as I said I disabled that. However I have just tried switching from my theme to a default wordpress theme and that issue with wp-admin goes away – so I will get in touch with the theme developer and see if they are the cause of this issue. I’ll get back to you with an update. Thanks for your help so far. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] Brute Force Login attempts despite login rename](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [9 years ago](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/#post-9069121) * I don’t have any cache plugin installed nor any other security plugins (just yours). I do however have a membership plugin. There is a “sign-in” link in the footer but there are no login fields on the site as standard. the membership plugin creates a login page on the fly if you go to a “blocked” page – which is the method I am using – i.e. the sign-in link points to a blocked page. I have however now shut down that option but am still getting hit by these multiple login attempts. If you go to wp-login that goes to a Page Not Found. But wo- admin results in a sign-in page like this.. [http://www.mysitename/mysecrectloginname/?redirect_to=http%3A%2F%2Fwww.mysitename%2Fwp-admin%2F&reauth=1](http://www.mysitename/mysecrectloginname/?redirect_to=http%3A%2F%2Fwww.mysitename%2Fwp-admin%2F&reauth=1) I have also added the 3 usernames they are using to the block user names list but as they are using multiple ip addresses it only has a limited effect. Any more advice would be appreciated. Thanks * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] Brute Force Login attempts despite login rename](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [9 years ago](https://wordpress.org/support/topic/brute-force-login-attempts-despite-login-rename/#post-9068939) * Hi Thanks for response. I did already have the Completely Block Access to XMLRPC enabled but not the Disable Pingback feature. I have now enabled that too and will get back to you as to whether this has any effect. * Do you have any advice / comment on my query about about the rename login feature and wp-admin? Regards * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] User enumeration risk](https://wordpress.org/support/topic/user-enumeration-risk/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 1 month ago](https://wordpress.org/support/topic/user-enumeration-risk/#post-5960944) * I don’t yet have an answer to the enumeration issue but have changed the IDs of the admin users and have not had any attempts to hack in since. I have also tested the feature that renames the login page and it seems to work OK with the other plugins I am using. * It would be a bonus if AIO WP-Security included something to address the enumeration issue but that’s just a nice to have I guess. * I’ll mark this issue as resolved now. Thanks for your help. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] User enumeration risk](https://wordpress.org/support/topic/user-enumeration-risk/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 1 month ago](https://wordpress.org/support/topic/user-enumeration-risk/#post-5960840) * Hi I’ll test the effect of rename login page on a test site – thanks. * There is quite a lot on the web about this issue but this article explains it quite well. * [http://www.acunetix.com/blog/articles/wordpress-username-enumeration-using-http-fuzzer/](http://www.acunetix.com/blog/articles/wordpress-username-enumeration-using-http-fuzzer/) * There is also a plugin (Stop User Enumeration)to address the issue but not sure if it would be compatible with other plugins relating to security and login etc. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[All-In-One Security (AIOS) – Security and Firewall] User enumeration risk](https://wordpress.org/support/topic/user-enumeration-risk/) * Thread Starter [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 1 month ago](https://wordpress.org/support/topic/user-enumeration-risk/#post-5960754) * Hi mbrsolution Thanks for fast response. * Brute Force – I have only implemented the Honeypot feature but will consider the feature to rename the login page – just worried that it may conflict with WP-Members plugin – any thoughts? * Admin – The Admin user name had already been replaced, but the name discovered did have admin rights. * Pingback – Yes I have implemented Pingback Protection. * I guess rename of Login page should stop the attacks but user names are still discoverable using the domainname.com/?author=n method. Just wondered if All In One would do anything specifically to stop that. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Black Studio TinyMCE Widget] Automatically add paragraphs](https://wordpress.org/support/topic/automatically-add-paragraphs/) * [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 6 months ago](https://wordpress.org/support/topic/automatically-add-paragraphs/#post-5394760) * Sorry but I deleted the widgets that were giving the problem and have not been able to recreate it since implementing your fix. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Black Studio TinyMCE Widget] Automatically add paragraphs](https://wordpress.org/support/topic/automatically-add-paragraphs/) * [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 6 months ago](https://wordpress.org/support/topic/automatically-add-paragraphs/#post-5394751) * If I scrap the the widgets that were originally causing the problem and start again from scratch using the new version then the problem seems to be solved – however note that if text from a “corrupt” widget is copied and pasted to a new one then it still seems to have the problem. However I can live with that as its not likely to occur. Consider this thread resolved for me now. Thanks – it’s a great tool. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Black Studio TinyMCE Widget] Automatically add paragraphs](https://wordpress.org/support/topic/automatically-add-paragraphs/) * [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 6 months ago](https://wordpress.org/support/topic/automatically-add-paragraphs/#post-5394746) * I have uninstalled 2.1.6. and installed the github repo version as mentioned but it doesn’t seem to make any difference. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Black Studio TinyMCE Widget] Automatically add paragraphs](https://wordpress.org/support/topic/automatically-add-paragraphs/) * [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 6 months ago](https://wordpress.org/support/topic/automatically-add-paragraphs/#post-5394740) * I am not really knowledgeable enough to do this. Tried replacing the 2 php files( kept the original ones) class-admin and class-compatibilty-plugins with those on github but got error on class-admin when loging in to wordpress. Are there any instructions on how to apply the dev version? * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Black Studio TinyMCE Widget] Automatically add paragraphs](https://wordpress.org/support/topic/automatically-add-paragraphs/) * [axtonc](https://wordpress.org/support/users/axtonc/) * (@axtonc) * [11 years, 6 months ago](https://wordpress.org/support/topic/automatically-add-paragraphs/#post-5394738) * I am using version 2.1.6 with WordPress 4.1 within Page Builder 1.5.3 and am getting the same problem with line breaks. If they are added using the visual editor or if they are added as

in the text editor they just disappear when the widget is updated. I.e they sometimes work once but if the widget is re-opened they then disappear. If there is no text in the widget (it just contains images) then the page break doesn’t seem to work any time. Viewing 13 replies - 1 through 13 (of 13 total)