peter-a
Forum Replies Created
-
Forum: Plugins
In reply to: [Verified Member for BuddyPress] Issue with Bp-verified pluginI am using BuddyBoss and having a similar issue with email notifications. I am seeing this text in emails:
Anna <span class="bp-verified-badge"></span> accepted your invitation to connect.Forum: Themes and Templates
In reply to: [West] Gallery Slider@romanbon this is almost impossibly difficult. This theme is designed around LiveComposer, but the LiveComposer instructions do not match the theme controls. Creating a gallery requires creating a template, and that is missing.
So basically the option of creating a gallery in this theme is broken.
Forum: Plugins
In reply to: [WooCommerce] Change of permalink for shop categories leads to 404 errorsThank you @mikejolley — adding something unique between
/shop/and/%product_cat%/solved the problem for me, and I was looking everywhere for a solution!!Forum: Plugins
In reply to: [WooCommerce] Change of permalink for shop categories leads to 404 errorsThank you @mikejolley — adding something unique between
/shop/and/%product_cat%/solved the problem for me, and I was looking everywhere for a solution!!- This reply was modified 9 years, 2 months ago by peter-a.
Forum: Plugins
In reply to: [Ptengine - Heatmap Analytics] Connection failsI’m having the same problem
Forum: Plugins
In reply to: [Two Factor Authentication] login page broken?OK, sorry. In any case it turns out this was due to a bit of bad code in my .htaccess file causing some mixed content warnings. Now your plugin is working great.
Forum: Plugins
In reply to: [Two Factor Authentication] login page broken?I’m getting the same error as @reiner030 on WP 4.3.1 even with all other plugins disabled.
Also on the setup page it doesn’t display a QR code, only the code number.
Because of this conflict, I am unable to still use the rename-login feature, and I am now seeing more attempted attacks on my site. Any progress or suggestions?
Unfortunately I need to use some kind of force-http function for my site to function properly — otherwise Google sends people to https, which breaks some site elements.
Our images are served by nginx, and I see that hotlink protection is handled by an .htaccess rule, so this might be beyond your control.
But it’s strange that most of our images are not affected — only icons and sprites.
I apologize — I was mistaken: The problem exists in 3.7.9 as well (I just rolled back to check). I must not have noticed it.
I also tried the 3.7.9.2 update and it still has this issue, so for now I have hotlink protection switched off.
Yes.
Yes, that is correct. We had hotlink protection enabled in the previous version (3.7.9) and we weren’t seeing that issue.
I should mention that I edited the RewriteCond to include
secretloginwordOK, I did a quick test of Cookie Based Brute force prevention.
I observed the results in Safari, because Safari appears to show redirect activity more clearly than other browsers. (Even so, I had to make a screen movie and watch it in slow motion to catch all the changes!)
My .htaccess rule not active:
When entering https://mydomain.com/?secretloginword=1
it redirects to http://mydomain.com/wp-admin
then to http://mydomain.com/wp-admin/
then to https://mydomain.com/wp-admin/
and finally to https://mydomain.com/wp-login.php?redirect_to=https%3A%2F%2Fmydomain.com%2Fwp-admin%2F&reauth=1With my .htaccess rule active:
it redirects to http://mydomain.com/?secretloginword=1
then to http://mydomain.com/wp-admin
then to https://mydomain.com/wp-admin
then to http://mydomain.com/wp-admin/
then to https://mydomain.com/wp-admin/
and finally to https://mydomain.com/wp-login.php?redirect_to=https%3A%2F%2Fmydomain.com%2Fwp-admin%2F&reauth=1I don’t see any of that kind of redirecting happen if I use the hidden login URL (unless I type in http://mydomain.com/mysecretloginurl …in which case it is redirected to https://mydomain.com/mysecretloginurl).
By the way, my hosting provider requires
RewriteCond %{HTTP:X-Forwarded-SSL} =onbut on most hosts it would be
RewriteCond %{HTTPS} =on