dciphered
Forum Replies Created
-
Same issue, auto posting using the Advanced method doesn’t pull the Featured image.
Furthermore, regardless of using Excerpt or Content shortcodes, the posted message has odd bits of HTML added to the text filed such as   and other similar syntax. This was always an issue from when I first started using the plugin last year.
Please advise.
Hi Gerroald,
Appreciate the detail within your reply however it deviates off point to my question.
I’m well aware the anatomy of cyber attacks and the kill chain process, especially in context of WordPress, and “security through obscurity” is a complimentary principle with absolute value when it comes to a good protection strategy, albeit, on it’s own is not enough.
Most seasoned security folk will manage risk through a multilayered approach (a solid defence in depth strategy) and obfuscation makes part of that. There are many ways to throw attackers off course (if you know what you’re doing) when it comes to hiding your WP deployment however when you have a WAF solution with neon lights that tells the attacker they’ve been blocked by a Worpdress plugin, then it defeats the purpose of what I’ve mentioned above.
So back to my point, having a custom error page helps alleviate this issue and it “absolutely” helps with security which is no doubt why you’ve had this topic asked before. It’s a simple question with a simple answer – can it be done without modifying Wordfence code/php files? Most network and application layer security solutions provide the ability to customise error pages, that’s what we need here.
I hope this adds further clarity to my request.
Forum: Plugins
In reply to: [WP-Chatbot for Messenger] Messenger icon appearing on All pagesHi @ingasupranovich,
That makes sense! I’ve tried your suggestion and can confirm that it’s all working as intended now.
Thanks again for the quick and helpful turnaround!
Forum: Plugins
In reply to: [Mail Bank - #1 Mail SMTP Plugin for WordPress] Clearing Email Logs/ReportsAny updates on this??
Forum: Plugins
In reply to: [WP-Chatbot for Messenger] Messenger icon appearing on All pagesHi @ingasupranovich,
I can validate that we’ve been running the latest version and that the issue still persists.
The icon remains on every page regardless of the hide options configured.
Any other suggestions?
Hi Slava,
Yes correct, all was working prior to the recent updates. Just an FYI, I’ve actually installed a different SMTP plugin to validate my assumptions and I can validate that everything works as it should. Reverting to WP SMTP Mail causes the issue again.
1. I’m using Amazon SES as the configured mailer.
2. Yes it does, test emails work fine.
3. Yes i downgraded and things appeared to work ok however I did notice that some emails were arriving intermittently, not consistently.
4. Meaning, that we have a few WP servers with sites, including our Prod and Dev boxes and all of them were experiencing the same issue. Also, Yes, Opcache is enabled however as I mentioned before, the other SMTP plugins we’ve tested work without hiccup.Something’s definitely gone wrong since 1.5x.
Forum: Plugins
In reply to: [WPS Hide Login] Question mark (?) added to URLHi guys,
Iβd love to be able to help but the reason for resolution is unknown. In my case, it seemed to drop the ? only after initiating an upgrade of the core WP version. I suspect that it was purely a coincidence so this issue definitely requires further troubleshooting to work out why itβs happening.
Sorry I canβt be of more help.
Hi Alex,
As originally assumed, it was a wild coincidence caused by another process.
Appreciate your willingness to assist and the quick turnaround.
Thanks for the reply all, appreciate the various points of view.
I’ve decided to run both π Modsecurity with the Comodo rules in place and Wordfence as the second line of defence for WP specific prevention.
The only issue with modsecurity is the lack of simple notification capability. Short of creating your own scripts that fire an email on specific rule sets that are triggered, there’s no easy way to do this which is where Wordfence dominates.
Thanks again.
Forum: Plugins
In reply to: [WPS Hide Login] Question mark (?) added to URLOK, not exactly sure what happened here but the issue has been resolved since WP 5.1 was deployed. Assuming that it was a WP issue and not a plugin related problem.
Problem fixed.
Thanks for the speedy reply Alex.
That makes sense and yes, including WP Rocket would be a great help.
Appreciate your assistance in answering my query.
One additional note to add. When first enabling CMP (with WP Rocket also enabled), everything works fine. However, when I access the site using the CMP secret URL, bypassing the coming soon page, WP Rocket obviously caches the home page which I would assume is why after a while, others can also see the home page (and any other page visited) even if CMP is enabled.
FYI, to add some additional context, when social login is attempted after role change, the popup window that performs the login/auth, redirects to the website using URL structure https://<websiteurl>/#_=_ (essentially loading the home page of the site within the popup window however without any authentication taking place). Changing user to Subscriber auth’s user as expected from within the popup window and automatically closes it after logging them in.
All plugins disabled and still the same problem…
Hi guys, any update on this? Causing a major issue.