Česlav Przywara
Forum Replies Created
-
Btw. as long as user has identical username and email, everything works fine. As soon as username and email differs and user tries to log in with email, this issue occurs.
Hi @wpsolutions,
I attempted to login to the system using a WordPress user who has an email address as the username and I was able to successfully log in with no lockout of my IP address.
This works, but try log in using email instead of username (this feature has been added to WordPress since 4.5).
- This reply was modified 9 years, 5 months ago by Česlav Przywara.
Hi, based on file path in the error message, I assume you are using Better WP Security, so you are in fact posting in wrong support forum 😉 Please, post your issue here.
Hi, do you have any other security plugins installed? There is no feature in AIOWPSF that could result in a 401 status code being returned by website.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Log Files Always Empty@guardian74, yes, it’s this setting. I think resetting it shouldn’t be necessary, but let’s see, if it makes any difference in your case.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] locked out not working@alin09ro There is a bug in 4.2.1: when you log in with email instead of username, your IP can be added to locked IPs list despite you log in just fine. This means that if you log out and attempt to log in again before your IP is released from the list (depends on your settings), you will find yourself locked out. As long as you stay logged in, you are fine.
Unfortunately, the version 4.2.2 doesn’t fix this problem as far as I have tested. The only workaround in the moment is to not use email address to log into the backend.
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Log Files Always EmptyHmm, it’s strange, logs should be working. Just to be sure, since you haven’t mentioned it – you have logging enabled in settings (AIOWPSF > Settings (page) > General Settings (tab) > Enable Debug)?
Btw. thanks for your thoughts regarding
.htaccessfile. The plugin actually creates this file, but in a flawed way. A patch for this has been just merged and should be available in next version.Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] User login url hideGlad I could help.
- This reply was modified 9 years, 6 months ago by Česlav Przywara.
Forum: Plugins
In reply to: [Edit Author Slug] redirect 301 old slugIf your webserver runs on Apache, you can achieve this via rewrite rules in .htaccess file:
<IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^old-author-base/old-slug-user-1 http://example.com/new-author-base/new-slug-user-1 [L,R=301] # etc. for other users </IfModule>
However, if only
author-basehas changed, you should be fine with a single rule:RewriteRule ^old-author-base/(.*) http://example.com/new-author-base/$1 [L,R=301]
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] User login url hideHi,
This plugin doesn’t have this exact feature, but I can recommend Edit Author Slug – it allows you to change author slug to something different than your username.
Cheers,
ČeslavForum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] locked out not workingHi, what version of the plugin and WordPress are you using? Are you using your email to log in?
Hi Nick,
Database prefix is stored in WordPress configuration file (wp-config.php). When you request the plugin to change it, it writes new prefix to this file, so any change of the prefix is persistent (ie. it doesn’t matter if you disable or uninstall the plugin afterwards).
Cheers,
ČeslavTrue, I haven’t noticed that initially, but it really doesn’t matter, if password is correct or not. Thanks for feedback!
Hi,
I think I understand and can confirm the issue. It seems that when “Instantly Lockout Invalid Usernames” feature is active and user provides wrong password for valid email, its IP address is blocked immediately (despite the email is a valid username).
Thanks for reporting this!
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] hourly cron job requestsHi,
The hourly cron job does two things in the moment:
– it starts automatic database backup (if enabled)
– it starts automatic file scan (if enabled)Despite that the cron job runs every hour, both database backup and file scan are executed based on their configured schedule (once an hour is the shortest configurable interval for both).
Hope that clears things up,
Česlav