redsand

@ethos,

If you see the X in the top right corner, click that to close the admin notice, and it will be gone forever. If that popped up before you upgraded, and you never closed it, then just close it and it’s gone.

Please see my previous post:

Any tech support issues should be directed to the WP-SpamShield Support page.

We don’t do our tech support through the forums here…so please don’t post pics or data here regarding issues. All of our tech support is done through our site, as it offers a better user experience, and we have a number of resources for our plugin users that are not available here (including translations and better privacy/security for users).

Hi @stevejohnson,

This WP vulnerability issue you mention – “We were surprised to see that they did not patch that issue.” Did you submit a patch for it?

They already have had a ticket for this for a long time, and are fully aware of multiple methods to mitigate the issue. There was an article about that in WP Tavern. It just was not a high priority. It’s easier to exploit than people realize though. All security exploits should be taken seriously.

WP is, after all, a community effort.

Yes, we’re quite aware of that. 🙂 Been an active part of the WordPress development community for over a decade, and am a core contributor.

‘Flaming you’ helps if it awakens you to the fact that people don’t want to be bombarded with Chicken Little warnings all the time and give them an option to turn them off.

Absolutely not. Nope. No matter what the situation or context, flaming is never the right way to handle things. There is big a difference between “flaming” and honest, constructive criticism.

We always have emphasized security and have educated users on security issues, and always will. That’s not going to change even if people do flame us. What people don’t realize is that for every one person that does, there are 100 more that are happy about our emphasis on security and thank us for that. So that’s just not constructive. (Besides, several of us are combat veterans, so that kind of thing doesn’t really faze us.)

If people want to submit a support request, and use our support system the right way, they’re welcome to. We provide outstanding support. Flaming tends to only happen in forums. When people communicate directly with us, things get resolved quickly, and everyone is happy.

Also, you might want to check your facts before you criticize devs. This thread was already old when you posted this, and there already was an option to disable the security alerts. Another example of why it’s better for people to come directly to us. 🙂

If you need any further help in the future, just contact us directly using the WP-SpamShield Support page…that’s how to get the best info and get things resolved quickly.

– Scott

Jack,

Through this entire exchange you have done nothing but trash my system and told me with certainty that I’m my own problem.

There was an attempted hack on our site from your IP address. Yes, we can with certainty say that you have a security issue you’re not dealing with. No one is trashing anything. When there is an attempted hack on our site, I’m going to call a spade a spade.

I suppose my friend’s two year old laptop computer is out-of-date and should be relegated to the trash can also.

You were not trying to access the site from a two year old laptop. That didn’t happen…be honest now.

Not once in these exchanges have you even mentioned the conflict that I’m having between the two plug-ins I’m using.

We’re happy to look into it…in a support request. This is a review though, not a support request.

This conversation isn’t about whether you need the plugin. Personally I do not care if you use it or not. However, when you write a bogus review that is not even remotely based in truth, I’m going to refute that and clarify the facts.

I can overlook the hacking attempt, because I have no reason to believe that you were doing anything on purpose. But, blaming us for you getting blocked by the firewall, and then writing a negative review on top of it…that’s just below the belt.

Yes, I can say with absolute certainty that your computer(s)/network has security issues. (Unless you’re trying to say that the hack attempt was indeed on purpose.) I’ve tried to help you address those issues. As I’ve said previously, each person is responsible for their own internet security. You don’t seem to accept that.

Based on your own post from a few months ago, your own site was recently hacked. Do you not see the correlation? It likely came from your own computer/network, and you haven’t fully remedied the issue.

P.S. the review stands on it’s own merit.

Not even remotely.

Then I logged onto the WordPress.org Forums and got to the page of the WP Power Stats Plug-in. I can read everything under each tab except Support. Anything I try to view under Support is blocked.

Wait, you’re getting blocked on the WordPress.org support forums as well? That’s not under our control, and if you’re getting that at the support forums here as well, that should tell you something — it’s not just our site.

You mentioned running anti-virus software, but you didn’t say anything about using up-to-date browsers or up-to-date operating system. Those are the most important aspect. Even if you have anti-malware software on an outdated OS or outdated browser, it won’t do any good since there are numerous inherent security holes, and security software can’t fix those.

I can’t put in a support request because I can’t get to it.

If you’re blocked on your computer, then you always have the option to access from someone else’s computer — say a friend’s house or any different location.

That doesn’t mean you jump straight to negative reviews. That’s just uncalled for.

Hi ElsieBlogger,

The main point is that posting a negative review without giving the developer a chance to help you is really not a kosher thing to do in the open source community. If you notice, we responded quickly after you wrote a negative review, and would have responded just as quickly to help you, if you had posted in the forums that you had trouble accessing our site.

My frustration is my inability to try to help myself (which your FAQs suggest I should do). If at every turn I’m blocked from the information you’ve provided, then I can’t very well solve my problem.

You weren’t blocked at every turn. As I mentioned, if you could not access the site, then post in the forum. Easy.

I took time to read through quite a few issues other people were having just to see what type of support they were getting. Several times you have come across as one who thinks all the problems are somehow the fault of the user’s system or web host or whatever.

You should not base your opinions on the experience of others — especially when posted in a forum, since you are only getting a part of the story. What you’re saying is far from accurate. The situations that you’re referencing have to do with active malicious traffic coming from a user’s network.

The general public isn’t tuned into security like you apparently are, and I suspect most don’t have a clue with some of the things you’re suggesting are “wrong” with their system.

We checked our logs, and can confirm that during the time period you referenced that you claimed to be blocked, the only site visitors who were blocked were due to active malicious traffic coming from those networks.

The thing you need to understand about malware, is that you can have it on your computer, network, phone, IoT devices, and not have any idea. It operates silently and invisibly without you knowing. We do not believe you personally had any malicious intent.

However we have an obligation to protect our sites and networks. I’m not going to apologize for that.

Unfortunately many, many users do not take security seriously. That’s why you are constantly reading about hacks, malware, ransomware, etc in the news. All we can do is try to help educate people to raise awareness.

You don’t have to be a “techie” to be security aware. In this day and age, everyone has to be. Ask yourself some basic security questions:

1. Do you avoid using free public wifi?
2. Are the operating systems on all your devices (computer, phone, etc) all using the latest updates and version of the operating system?
3. Are the web browsers on your computer, phone, etc all updated to the latest versions?
4. Are you running good security software (like BitDefender or Kaspersky) on your computers (and phones!)…?
5. Do you avoid using USB drives from people you don’t know?
6. Do you avoid letting others use your smart phone without supervision?
7. Have you changed the username and password on your router away from the default ones provided when you bought it?

If you say No to any one of those, there is a solid chance you have malware on your system (network, phone, computer) that you’re not even aware of. And if your access was blocked by our site, that is the most likely scenario.

For you to scold someone just because they can’t get into your world to solve their problem suggests to me that perhaps your aren’t very customer oriented.

We do not do that. The situations you refer to — in every case without exception — occurred when active malicious traffic was detected. We provide outstanding service. However, no one has the right to criticize us for having strong security.

Remember that you’re talking about a free and open source product here. We are providing that as a gift for people to use.

My one-star review isn’t for a poor product, but rather for the difficulty with getting a solution to a problem.

( @sterndata: This is why I requested the review be removed — since is not even about the experience with the plugin, but rather a complaint about our site security. )

I didn’t cause the problem (regardless of what you’re thinking).

That simply is not true. Each person has to take responsibility for their own devices and security issues. There was confirmed malicious traffic coming from the IP addresses you tried to access the site with. (Notice, I never said you intentionally were trying to hack our site.) If there is malware on your computer, network, phone, etc, that is your responsibility.

As a global community we cannot remain ignorant to security issues, because they can affect others without even realizing it. Again, you don’t have to be a security expert or a “techie” to be security-aware. Many, many people have active malware on their systems, and absolutely no clue it’s there.

So, please take this seriously, and look into the issues I mentioned regarding your network/device security. If you use the list above as a checklist, you will at least get a start on finding the malware on your system.

– Scott