Česlav Przywara

@aldemarcalazans According to 6G notes, you may also need to comment out the following line from 6G:[QUERY STRINGS] section:

RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR]

Cheers,
Česlav

Hi Bryan,

I have to admit this is the first time I hear about WordPress install that has backend running on a different domain than frontend.

AFAIK, the plugin does nothing special when it sets cookies, except that it performs COOKIE_DOMAIN fall-back to ensure compatibility with multisite installs.

Maybe you can try to set the COOKIE_DOMAIN just to mysite.com (without www or wp subdomains) in your wp-config.php:

define( 'COOKIE_DOMAIN', 'mysite.com' );

This way cookies set on front-end domain should be also valid for back-end domain.

I guess some aiowps_cookie_domain filter could be added to the plugin to support your setup, but it is rather rare and I cannot speak for plugin authors.

Greets,
Česlav

Hi Silvio,

I’m glad you’ve managed to get your site back.

As for the database management tool, I can recommend Adminer. Unlike phpMyAdmin, Adminer comes in a single file, but it has almost the same functionality and much cleaner interface.

If you’re going to give the All In One WP Security & Firewall another try, be careful when activating the features. Read all information on the page and perform recommended actions! If you’re going to try to “rename your database prefix”, be sure to make a database backup in advance. As @wpsolutions mentioned above, most likely this was the feature that caused trouble on your website.

I’m marking the topic as resolved for now, but feel free to open a new one if you have any other problems/questions.

Greets,
Česlav

Hi,

I don’t know of any simple way, but there is a way:

1) Visit https://make.simplesharebuttons.com/ and grab the buttons in color of your choice (either circle or square-sized).

2) Extract the zip file from step 1) and run the png file with email button through base64 encoding – you can use some online service for that like https://www.base64-image.de/

3) Replace the legacy string with base64-encoded image either in simple-share-buttons-light/buttons/circle.php or simple-share-buttons-light/buttons/square.php. Be careful to not replace the encoding preamble (ie. the data:image/png;base64, string).

Important: Note that your changes will be lost when you update the plugin, but given the frequency of plugin updates, this won’t happen often 😉

Cheers,
Česlav

@disturbed-pixel If you update AIOWPSF to recent version, you have an option to activate 6G firewall instead of (out-dated) 5G.

5G firewall could be updated as per Hans recommendation, but one would still have to re-save firewall rules to apply such changes, therefore I think it makes more sense to just switch to 6G.

Greets,
Česlav

Hi morio2,

Please, deactivate “Advanced Character String Filter” and keep it deactivated. Then wait some time (30 mins or more) and check if the problem persists or not.

I have no experience with CloudFlare, but from what you described (problem reappearing when firewall is activated, but only after some time), it seems that CloudFlare has some caching mechanism in place. So you have to give it some time to catch up when you disable/enable any firewall feature.

Alternatively, you can ask CloudFlare support if they cache URL requests that are answered with “403 Forbidden” (and for how long).

Cheers,
Česlav