Forum Replies Created

Viewing 15 replies - 1 through 15 (of 35 total)
  • @callie1983: Please don’t hijack threads. Last time I was locked out because of WF, I simply ftp’ed in and changed the directory name. Most WP plugins work that way. Remove or rename them, and that renders them unable to work.

    My $0.02: Do not ever under any circumstances get involved with any “security” or “malware” company that calls you out of the blue. It is the oldest trick in the book. Furthermore, google “sitelock reviews” and make up your own mind about the company itself.

    I’d have to wonder how they could have pulled clamscan logs off of your site, BTW. It sounds like either your site is horribly open or someone is lying. If you are indeed running clamscan, check your own logs. If you cannot find any scan logs, then open up an ssh session and manually run it to see what gets spit out.

    Lastly, get another opinion. You can get a free security scan at https://sitecheck.sucuri.net if you are suspicious. If it reports clean and WF reports clean, then write off the call as yet another marketing scam.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    Well, I am going to reluctantly mark this as resolved, since it is not a theme issue, but I would have hoped for an answer on how to revert it. Giving it another name only takes care of the title issue, but the tagline will still be missing.

    There are some changes that WP makes at times that baffle me. If they were going to make such a change, it should have been made an option somewhere.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    OK, after playing with this, I’m considering this solved. Having said that, it appears that caching for me makes matters worse, espectially the high level Falcon caching. The lower level worked, for a while, but even it eventually spikes and goes wonky. I think I’m just going to move up to the next level on the VPS and increase the virtual memory in addition to the RAM increase.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    OK, that does help in that adding Limit to the AllowOverride directive worked. I’m not without some sense of confusion, though.

    From what I understand, “Order Deny,Allow” is the default, so is it necessary? More to the point, I see no other deny or allow statements, so could this have been fixed simply by commenting that line out?

    My second concern is that, since this is deprecated, could this cause issues down the road?

    At any rate, I’m going to run it like this for a day or so unless I run into issues. If it seems to be working and keeping the load down, then I’ll make it permanent.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    One possibility, if your host is running Apache 2.4, some of the directives in .htaccess have changed since Apache 2.2.

    I did not know that. Does that mean the directives you add to .htaccess won’t work in 2.4? I am running 2.4.7.

    Indeed, the error log shows several lines I’m not familiar with like:

    [Sun Nov 01 19:42:30.963839 2015] [core:alert] [pid 21275] [client 71.218.76.82:46654] /var/www/.htaccess: order not allowed here, referer: http://www.churchofgodperspective.org/wp-content/plugins/wordfence/css/main.css?ver=37d2c930d8517afa8039eac193c2f226
    [Sun Nov 01 19:42:34.092275 2015] [core:alert] [pid 21060] [client 71.218.76.82:46656] /var/www/.htaccess: order not allowed here, referer: http://www.churchofgodperspective.org/wp-admin/admin.php?page=WordfenceSitePerf

    No, I am not using CloudFlare or anything like that.

    My .htaccess file is custom but not overly convoluted:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    # See http://www.javascriptkit.com/howto/htaccess14.shtml
    # The following causes 500 errors
    #Options +FollowSymlinks
    # Block by referrer, from http://www.htaccess-guide.com/deny-visitors-by-referrer/
    # Modified using http://www.htaccesstools.com/block-hitbots/
    RewriteCond %{HTTP_REFERER} ^([^.]+.)*?lanud-adisutjipto.mil.id.*$ [NC,OR]
    #RewriteCond %{HTTP_REFERER} ^([^.]+.)*?google.com/search\?q\=2\+guys\+1\+horse$ [NC,OR]
    RewriteCond %{HTTP_REFERER} ^([^.]+.)*?fr-voyage.com.*$ [NC]
    #RewriteCond %{HTTP_USER_AGENT} ^x00_-gawa\.sa\.pilipinas\.2015 [NC]
    RewriteRule .* - [F,L]
    
    RewriteBase /
    
    # Rewrite subdomains to directories
    RewriteCond %{HTTP_HOST} ^wiki\.cogperspective\.org [OR]
    RewriteCond %{HTTP_HOST} ^wiki\.churchofgodperspective\.org
    RewriteRule ^(.*)$ http://www.churchofgodperspective.org/wiki/$1 [R=301,L]
    
    RewriteCond %{HTTP_HOST} ^blog\.cogperspective\.org [OR]
    RewriteCond %{HTTP_HOST} ^blog\.churchofgodperspective\.org
    RewriteRule ^(.*)$ http://www.churchofgodperspective.org/blog/$1 [R=301,L]
    
    # Force "www"
    RewriteCond %{HTTP_HOST} ^cogperspective\.org [OR]
    RewriteCond %{HTTP_HOST} ^churchofgodperspective\.org
    RewriteRule ^(.*)$ http://www.churchofgodperspective.org/$1 [R=301,L]
    
    # Mediawiki additions
    # Short url for wiki pages
    RewriteRule ^/?wiki(/.*)?$ %{DOCUMENT_ROOT}/w/index.php [L]
    # Redirect / to Main Page
    RewriteRule ^/*$ %{DOCUMENT_ROOT}/w/index.php [L]
    
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    
    # END WordPress
    Thread Starter IAmMarchHare

    (@iammarchhare)

    Yeah, that is sort of what I’d thought, but I wanted to cover all of the bases. I’m running out of time to do much right now, but I’m seriously considering building my own droplet from the ground up rather than relying upon one of the pre-built one.s

    Thread Starter IAmMarchHare

    (@iammarchhare)

    You’re missing the point. This was a clean install.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    /var/www/apache2/error.log doesn’t seem to contain a whole lot except a lot of shutdowns and restarts until this morning when I was working on the .htaccess file that caused some errors for a brief time. I even turned on WP debug, which has a few deprecated and notice lines.

    In the midst of it all, I changed the main URL, and the old one redirects to the new one. These errors seem like they are hammering on the old URL even though to go to the login page they should be automatically redirected. I’m beginning to think these errors are quite different than the ones I saw before, which turned out to probably be a corrupt user database.

    Thread Starter IAmMarchHare

    (@iammarchhare)

    I just want to mention that there have been about three (maybe four) updates since I last posted. It does seem to post the featured image (not one posted at beginning of article but marked as featured for that article) at times, but it doesn’t seem consistent. Night before last, I posted an article and it showed the logo on G+, but this evening it showed the featured image. Whatever you’re doing, it is getting closer.

    @WF Support: It is difficult to say. The update and the scan took place at roughly the same time. My educated guess is that there was a race condition resulting in bogus alerts.

    This sounds like a good thing for another reason. This morning, I got email alerts from WordFence about WordFence itself. When viewing the differences:

    Author: Wordfence Version: 5.2.7

    vs

    Author: Wordfence Version: 5.2.8

    Thread Starter IAmMarchHare

    (@iammarchhare)

    *all three showed the logo instead of the image*

    Thread Starter IAmMarchHare

    (@iammarchhare)

    Well, I’ve posted three posts today, trying to recreate the conditions under which an image other than the logo shows on G+, and I cannot seem to do it. I’ve tried linking to an image on Wikimedia Commons, upload with a subtitle using the h2 tag, upload without an h2 subtitle preceding it, and all three did not show the logo. I have verified that all 3 are publicly shared, so that variable seems to be out.

    I don’t know what more info to give about this right now.

    FWIW, here are my impressions on this:

    1. It is abandoned. It had one release 2 years ago, from what I can tell. Therefore, any usefulness will probably one day be broken and not fixed.

    2. One of the few responses I’ve seen in this “support” category indicates that if you re-write the wiki URLs, you know so that people can actually find meaningful material on your site via SEO, then the links will open normally. This obviously throws into question the fit of this plugin to any given situation.

    3. It is just a bandaid to begin with, and it is because MediaWiki makes it difficult to reskin anything. To make matters worse, they changed how they did it and there are no longer any user supported skins that I’ve been able to find that actually work.

    I was able to play around and get MediaWiki pages to show up with a WP theme’s header (and supposedly the footer works the same way), but it was sort of ugly and had no sidebar.

    Maybe one day I’ll put a little more effort put into it, but I know very little about CSS or PHP. Until such a day comes around, I’ve switched my WP theme to at least have something like a similar layout and colors as the Vector skin. I can use this plugin as a portal into the wiki, but thereafter it will use the Vector skin. It will be ugly, but at least it won’t shock the user’s system with a blinding change.

    So, I guess this is useful — to a point –, to answer your question from another user’s viewpoint.

Viewing 15 replies - 1 through 15 (of 35 total)