Title: cschultzie3's Replies | WordPress.org --- # cschultzie3 [ ](https://wordpress.org/support/users/cschultzie3/) * [Profile](https://wordpress.org/support/users/cschultzie3/) * [Topics Started](https://wordpress.org/support/users/cschultzie3/topics/) * [Replies Created](https://wordpress.org/support/users/cschultzie3/replies/) * [Reviews Written](https://wordpress.org/support/users/cschultzie3/reviews/) * [Topics Replied To](https://wordpress.org/support/users/cschultzie3/replied-to/) * [Engagements](https://wordpress.org/support/users/cschultzie3/engagements/) * [Favorites](https://wordpress.org/support/users/cschultzie3/favorites/) Search replies: ## Forum Replies Created Viewing 15 replies - 1 through 15 (of 19 total) 1 [2](https://wordpress.org/support/users/cschultzie3/replies/page/2/?output_format=md) [→](https://wordpress.org/support/users/cschultzie3/replies/page/2/?output_format=md) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WPForms - Easy Form Builder for WordPress - Contact Forms, Payment Forms, Surveys, & More] One form to gate all blog posts](https://wordpress.org/support/topic/one-form-to-gate-all-blog-posts/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [1 year, 5 months ago](https://wordpress.org/support/topic/one-form-to-gate-all-blog-posts/#post-18179670) * Thanks for the help, [@amjadali688](https://wordpress.org/support/users/amjadali688/) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] “All in One SEO Pack <= 4.2.9" rule blocking updated plugin](https://wordpress.org/support/topic/all-in-one-seo-pack-4-2-9-rule-blocking-updated-plugin/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [1 year, 5 months ago](https://wordpress.org/support/topic/all-in-one-seo-pack-4-2-9-rule-blocking-updated-plugin/#post-18174757) * Thanks Peter. Just the free version. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Scan Stage Failed](https://wordpress.org/support/topic/scan-stage-failed-23/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [1 year, 5 months ago](https://wordpress.org/support/topic/scan-stage-failed-23/#post-18172220) * Hi Peter. It is indeed a yellow exclamation triangle instead of a green checkmark. The strange thing is that after I posted this, it started working again on its own for a while, stopped again, started working again, and now has stopped working again 🙁 I’m going to run through the detailed steps you provided, thanks for providing those. * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Can’t fix permissions on folder](https://wordpress.org/support/topic/cant-fix-permissions-on-folder/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [7 years, 3 months ago](https://wordpress.org/support/topic/cant-fix-permissions-on-folder/#post-11102629) * I know I don’t 🙂 * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Every minor WordPress update breaks WordFence](https://wordpress.org/support/topic/every-minor-wordpress-update-breaks-wordfence-2/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [7 years, 3 months ago](https://wordpress.org/support/topic/every-minor-wordpress-update-breaks-wordfence-2/#post-11102628) * Yeah, it is working now that I deleted the wordfence directory and reinstalled, but the last three times wordpress got a 5.0.x update, it’s disappeared and had to do the same delete directory then reinstall process. So whatever you think will stop that cycle from happening the next time wordpress is updated, I will do. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Wordfence Security - Firewall, Malware Scan, and Login Security] Every minor WordPress update breaks WordFence](https://wordpress.org/support/topic/every-minor-wordpress-update-breaks-wordfence-2/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [7 years, 3 months ago](https://wordpress.org/support/topic/every-minor-wordpress-update-breaks-wordfence-2/#post-11097743) * Sure, I can try that. Will I lose all my settings and people i’ve blocked from this? and it is working now since i reinstalled it, but i’m assuming I should still do this? Just so I understand, why am I doing this? 🙂 could it be some setting is messed up and this is essentially resetting it to a base config? * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Every minor WordPress update breaks WordFence](https://wordpress.org/support/topic/every-minor-wordpress-update-breaks-wordfence/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [7 years, 4 months ago](https://wordpress.org/support/topic/every-minor-wordpress-update-breaks-wordfence/#post-11085012) * thanks, didn’t realize that existed * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Can’t fix permissions on folder](https://wordpress.org/support/topic/cant-fix-permissions-on-folder/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [7 years, 4 months ago](https://wordpress.org/support/topic/cant-fix-permissions-on-folder/#post-11080200) * Thanks. I was more just trying 777 since nothing else was working, figured if that would work i could then delete. I’ll reach out to my host. But do you think that means my stuff has been hacked, or could that be from a failed install/upgrade/ something not nefarious? * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Remove author page with username in it, security risk?](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/#post-9821279) * [@tothbalint](https://wordpress.org/support/users/tothbalint/) So am I “losing” anything really (or would my visitors be) by making it go back to the homepage? to me it’s not sounding like a big deal making it redirect back to the homepage, but maybe i’m just missing something. * and truly, thanks for all the help here, I think i’ve learned more from your couple posts than hours of google’ing myself haha * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Remove author page with username in it, security risk?](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/#post-9821259) * [@tothbalint](https://wordpress.org/support/users/tothbalint/) thanks for explaining even the other guys post. I’ll give that link a try and I had installed the free WordFence prior to reading your recommendation here but looks like I might need to tweak the settings a bit (just left it at defaults for now) so it’ll work like you have it on your site, as that sounds like something I’d like to do too. and thanks for the hardening link, I’ll give that a read too. * This may be a stupid question but I’m thinking ahead here. The only public posting to my website i’m envisioning having would be where if I did a blog post, would be to allow people to comment underneath each post. If I use that plugin or the solution below I found online which supposedly just makes them all go back to the homepage, would that prevent people from commenting under my blog posts? I don’t want to screw myself up before I even get started haha * adding an author.php to my (child) theme with this in it; * * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [sftp username in source code](https://wordpress.org/support/topic/sftp-username-in-source-code/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/sftp-username-in-source-code/#post-9818799) * Alright, well I’ll try disabling the couple “required” for my theme ones and see if that makes it disappear. Thanks for all the help, and hanging in there with me with what were probably a lot of stupid questions. I’m not even sure why if that’s my SFTP name why it would be used with CDN but maybe I have to do more reading on how that all works. * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Remove author page with username in it, security risk?](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/#post-9818789) * [@acstudent](https://wordpress.org/support/users/acstudent/) thanks for the link, but I’m not 100% certain I understand where that would help. Would it make all my website.com/author/AdminLogin pages now have a URL of mywebsite.com/author/ WhateverIMakeUp, therefore shielding the usernames from the URLs? or does it do something else. * [@tothbalint](https://wordpress.org/support/users/tothbalint/) Sorry, maybe I said that wrong, I don’t have a page where it just lists all the usernames. I’m just worried that someone is going to go to mydomain.com/author/MyWordPressUsername and see that’s a valid username then try to hack their way in with that. Looking through logs I already see invalid login attempts from foreign countries with that name so assuming that’s where that got it from as that’s the only place I’ve seen it so far. My theme is Avada. * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [sftp username in source code](https://wordpress.org/support/topic/sftp-username-in-source-code/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/sftp-username-in-source-code/#post-9818781) * OK, I guess as long as the password is good it’s not a security risk. Is there a way to auto block people who try to login with my password so they can’t keep trying and brute force it? * So basically I just disable a plugin, see if that code disappears, then activate it again, then keep doing that till i see that bit of code disappear right? What happens if I disable all of them and it’s still there, does that mean it’s my hosting service injecting it into code or does it not work that way? * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Remove author page with username in it, security risk?](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/remove-author-page-with-username-in-it-security-risk/#post-9818373) * [@tothbalint](https://wordpress.org/support/users/tothbalint/) Maybe it’s my theme auto generating those author pages then, I’m really not sure. I guess having any author page redirect back to the home page again would help, but wouldn’t that still expose all the URLs with all the usernames though? Too bad there isn’t a way to just delete all the author pages and turn off it generating any more, or maybe there is a way I just don’t know of. * and thanks for that link, I’m not opposed to hacking some php in the way it described. - This reply was modified 8 years, 4 months ago by [cschultzie3](https://wordpress.org/support/users/cschultzie3/). Reason: added 2nd paragraph * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [sftp username in source code](https://wordpress.org/support/topic/sftp-username-in-source-code/) * Thread Starter [cschultzie3](https://wordpress.org/support/users/cschultzie3/) * (@cschultzie3) * [8 years, 4 months ago](https://wordpress.org/support/topic/sftp-username-in-source-code/#post-9818364) * I’m not sure which is providing it, but I guess at least it’s starting to make more sense now. Knowing that though, is there a way to kill the login from the source code or mask it or something, seems like a real big security hole just having a login name in plain text in the source code, isn’t it? Viewing 15 replies - 1 through 15 (of 19 total) 1 [2](https://wordpress.org/support/users/cschultzie3/replies/page/2/?output_format=md) [→](https://wordpress.org/support/users/cschultzie3/replies/page/2/?output_format=md)