peterdog
Forum Replies Created
-
Forum: Plugins
In reply to: [Stealth Login Page] Problem in UnstallingGreat. Thanks for following up. Did they confirm it was cached?
Forum: Plugins
In reply to: [Stealth Login Page] Problem in UnstallingNo, that would mean nothing is wrong with my plugin and I’m fixing a problem with your hosting.
Forum: Plugins
In reply to: [WP Stripe] api keyStripe.com
Forum: Plugins
In reply to: [Stealth Login Page] Password Protected PagesI’m taking these things into consideration for the next version after this WP 3.6 update. The best plugins are simple, but I see this spiraling out of scope with too much effort. I didn’t mean for it to be an all-in-one solution – just to block the brute force attempts.
v4.0 will add add-on ability for such features while leaving core alone, how it is now, only even more streamlined.
Forum: Plugins
In reply to: [Stealth Login Page] Problem in UnstallingHit my site contact form with your login and an FTP login. If it’s an issue in the plugin, I’ll take care of it. If it ends up being another plugin or your host, I’ll send you an invoice for my single-issue ticket price of $25.
Cache has been the only thing in the past 16k downloads that has caused this. I’m talking about server cache, not browser cache.
Forum: Plugins
In reply to: [Stealth Login Page] Does this work with Theme My Login ?So long as nothing alters the login URL, it should be fine. I use Login Logo by Mark Jaquith on my primary site along with SLP with no issues.
Forum: Plugins
In reply to: [Stealth Login Page] Problem in Unstallingwp_options table – look for slp_ and that is the options entry. Upon removal of the plugin files, it is set to no longer have any redirect function fire in the login process, so it must be seeing a cached version of the install at the moment.
Without the file to perform the function, the database entry means nothing… unless the cache is firing the database options.
Forum: Plugins
In reply to: [Stealth Login Page] Multisite desgn4.0 update – I’ve been preparing for WP 3.6 and Genesis 2.0 in a lot of fronts, so this will be a little late to the party. If you don’t want to be bothered with the Heartbeat API requiring re-login and redirecting in the process, hold off on 3.6 just a while.
Andrew Nacin has pointed me in the direction I need to go to filter out those logins.
Forum: Plugins
In reply to: [Stealth Login Page] New custom log in page keeps redirectingStep 1 if you can’t login is to rename the plugin folder via FTP as per the FAQ.
Hit my contact form on my website with your custom URL and login and I’ll verify, as 3 out of 4 times I’ve asked and tried, I was able to login. Likely a cookie thing.
If that doesn’t work, we can abandon this attempt or I do support it for $25/incident since it’s a free plugin. The other support incidents have all been “user error.” I can get it working properly, as fewer than 0.1% of people experience what you describe.
Forum: Plugins
In reply to: [Stealth Login Page] Special web server settingsNo, it uses relative paths to your install, nothing server-based. 1&1 is one of the worst hosts in the world, though. No one who cares about security should be on GoDaddy or 1&1.
Forum: Plugins
In reply to: [Stealth Login Page] User returned to default login URL after failed attemptMy pleasure. I’ll mark this as resolved for the sake of there not being any solution at this time – v4 should address this to some extent or completely.
Forum: Plugins
In reply to: [Stealth Login Page] User returned to default login URL after failed attemptDoh! My bad. You’d think that second glass of Mt. Dew would have prevented that mistake…
I see the concern now and verified that it does happen. The issue is that is the function that blocks bots. If the request does not come from the custom URL, then it is redirected because if a bot guesses incorrectly and can stay there, then the plugin is useless for bots.
All I can say at the moment is that it needs to be a valid login attempt unless I can sort out how to handle a failed login from the custom URL to redirect to the custom URL again. That’s a deeply embedded function of the core, so I’m not sure as a padawan learner how to sort that out and maintain security.
Perhaps when I release v4.0, I can lax this a bit because I intend on doing deeper bot detection. If bots are 99.99% taken care of, I think this can be modified to not behave this way.
Forum: Plugins
In reply to: [Stealth Login Page] User returned to default login URL after failed attemptBefore you got locked out – did your custom URL display it properly? The display of the Custom URL and the accompanying e-mail it sends when you check the box will tell us if it’s correct.
You can view the settings in the SQL if you look in the wp-options table for “slp-“
I was just able to login to your dashboard using your link and login provided. I wasn’t forwarded. Try another browser to see if you have cookies interfering.
Forum: Plugins
In reply to: [Stealth Login Page] Authentication On Home Page🙂
You can try again with the e-mail checkbox. In some cases it doesn’t arrive on my install, but it arrives a second time once it’s activated, set, and enabled. Try the checkbox and save again.
Forum: Plugins
In reply to: [Stealth Login Page] Can't login with the WP Android appThe tablet tries to go to the normal URL – you can’t use the app and have a secure login page at the same time.
I’m unaware at my level of programming how to detect that it’s the authorized app attempting the plain URL to skip it. I’ve added some checks recently, but I’m not aware of that one.