Title: remake's Replies | WordPress.org --- # remake [ ](https://wordpress.org/support/users/remake/) * [Profile](https://wordpress.org/support/users/remake/) * [Topics Started](https://wordpress.org/support/users/remake/topics/) * [Replies Created](https://wordpress.org/support/users/remake/replies/) * [Reviews Written](https://wordpress.org/support/users/remake/reviews/) * [Topics Replied To](https://wordpress.org/support/users/remake/replied-to/) * [Engagements](https://wordpress.org/support/users/remake/engagements/) * [Favorites](https://wordpress.org/support/users/remake/favorites/) Search replies: ## Forum Replies Created Viewing 9 replies - 1 through 9 (of 9 total) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP-SpamShield] Plugin version 1.9.8.8 ignores Minimum comment length setting.](https://wordpress.org/support/topic/plugin-version-1988-ignores-minimum-comment-length-setting/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [9 years, 11 months ago](https://wordpress.org/support/topic/plugin-version-1988-ignores-minimum-comment-length-setting/#post-7522767) * Hi, Thank you for your response. Yes, I’m sure I had it set to 2 and it’s been more than 6 months this way. No, I don’t use any caching neither in WordPress nor in the php server. * Your comments inspired me that way that I just saved displayed settings values without doing any changes to it and it started working properly so it’s resolved now. * Thanks & regards Janusz * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[WP-SpamShield] Good for hijack crosss scripting too](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 6 months ago](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/#post-8037878) * You’re right. I’m sorry for this security breach. Can we ask some kind of moderator here to remove the log part? * Regards Janusz * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[WP-SpamShield] Good for hijack crosss scripting too](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 6 months ago](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/#post-8037876) * Hi Scott, * I’m sorry for bothering you but I have another query. WP-SpamShield blocked the comment which I’m sure wasn’t a spam. Can you explain this please? Here is the your log entry: *************************************************************************************————————————————————————————-:: COMMENT BEGIN :: ————————————————————————————- Date/Time: [‘2015-11-26 (Thu) 11:50:25’] Comment Post ID: [‘4371’] Comment Post Title: [‘Red Butterflies’] Comment Post URL: [‘[http://szmatkimalgorzatki.pl/red-butterflies/’%5D](http://szmatkimalgorzatki.pl/red-butterflies/’%5D) Comment Post Type: [‘post’] Post Allows Types: [‘comments’] Comment Type: [‘comment’]————————————————————————————- Comment Author: [‘Karolina @ B-craft’] Comment Author Email: [‘karolina@b-craft. pl’] Comment Author URL: [‘[http://www.b-craft.pl’%5D](http://www.b-craft.pl’%5D) Comment Content: [‘comment_content_begin’] Jest piękna! Motyle przekładane motylami, przepiękna 🙂 [‘comment_content_end’] ————————————————————————————- WPSSCID: [‘ b00c25cfb19c3b02752294e09bc2b055’] WPSSCCID: [‘f02ef72a09ce899791c6c400fb498e70’]————————————————————————————- User-Agent: [‘Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36’] IP Address: [‘79.184.227.131’][‘ [http://ipaddressdata.com/79.184.227.131’%5D](http://ipaddressdata.com/79.184.227.131’%5D) Reverse DNS: [‘adjt131.neoplus.adsl.tpnet.pl’] Reverse DNS IP: [‘79.184.227.131’] FCrDNS Verified: [‘[Verified]’] Proxy Info: [‘No Proxy’] Proxy Data: [‘79.184.227.131’] Proxy Status: [‘FALSE’] HTTP_VIA: [‘[None]’] HTTP_X_FORWARDED_FOR: [‘[None]’] HTTP_ACCEPT_LANGUAGE: [‘pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4’] HTTP_ACCEPT: [‘ text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8’] HTTP_X_REQUESTED_WITH: [”] IS_AJAX: [‘FALSE’] IS_COMMENT: [‘TRUE’] URL: [‘[http://szmatkimalgorzatki.pl/wp-comments-post.php’%5D](http://szmatkimalgorzatki.pl/wp-comments-post.php’%5D) Form Processor Ref: [‘[http://szmatkimalgorzatki.pl/red-butterflies/’%5D](http://szmatkimalgorzatki.pl/red-butterflies/’%5D) JS Page Ref: [‘[http://frame.bloglovin.com/?post=4633227401&group=0&frame_type=a&context=feed_all&context_ids=&blog=13457915&frame=1&click=0&user=0’%5D](http://frame.bloglovin.com/?post=4633227401&group=0&frame_type=a&context=feed_all&context_ids=&blog=13457915&frame=1&click=0&user=0’%5D) JSONST: [‘[None]’] ————————————————————————————- JS/C Processing Time: [‘0,000278 seconds’] Time for JS/Cookies Layer to test for spam Algo Processing Time: [‘ 0,126142 seconds’] Time for Algorithmic Layer to test for spam WPSS Processing Time: [‘0,126420 seconds’] Total time for WP-SpamShield to test for spam ————————————————————————————- Failed Tests: [‘1’] Failed Test Codes: [‘10500A-BL’] Spam Count: [‘4’] ————————————————————————————- Compatibility Mode: [‘OFF’] Caching: [‘OFF’] Debugging Data: [‘PHP MemLimit: 256M; WP MemLimit: 40M; Sessions: Enabled’] Site Server Name: [‘szmatkimalgorzatki. pl’] Site Server IP: [‘88.198.23.35’] ————————————————————————————- Active Plugins:[‘ baw-login-logout-menu/bawllm.php, collapsing-archives/collapsArch.php, comment- reply-notification/comment-reply-notification.php, contact-form-plugin/contact_form. php, duplicate-theme/duplicate-theme.php, email-subscribers/email-subscribers. php, fast-category-cloud-wordpress-plugin/byrev_cat-cloud-widget.php, fast-category- cloud-wordpress-plugin/byrev_cat-cloud.php, google-analytics-for-wordpress/googleanalytics. php, image-widget/image-widget.php, image-zoom/image-zoom.php, photo-gallery/ photo-gallery.php, post-specific-comments-widget/post-specific-comments-widget. php, pwaplusphp/pwaplusphp.php, recent-posts-widget-extended/rpwe.php, simplified- social-share/loginradius_simplified_social_share.php, wordpress-popular-posts/ wordpress-popular-posts.php, wordpress-social-login/wp-social-login.php, wp-spamshield/ wp-spamshield.php, wp-statistics/wp-statistics.php, wp-user-avatar/wp-user-avatar. php’] ————————————————————————————- WP-SpamShield/1.9.6.5 (WordPress/4.0.8) PHP/ 5.3.27 (Apache) Linux s6.linuxpl.com 3.2.71-grsec #1 SMP Tue Sep 1 12:00:21 CEST 2015 x86_64 ————————————————————————————- :: COMMENT END :: ————————————————————————————-************************************************************************************* * Regards Janusz * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[WP-SpamShield] Good for hijack crosss scripting too](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 6 months ago](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/#post-8037874) * Hi Scott, * I see. I will sleep less nervously from now on. * Regards Janusz * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[WP-SpamShield] Good for hijack crosss scripting too](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 6 months ago](https://wordpress.org/support/topic/good-for-hijack-crosss-scripting-too/#post-8037870) * Hi Scott, * I can only confirm again that it spared me a lot of work in bringing the site intact considering the posts which appeared later! * I have also one question re. your plugin. I see that in most cases spam fails many test you perform in your plugin. An example is: Failed Tests: [‘4’] Failed Test Codes: [‘R-COOKIE-3 R-JQHFT-3 R-FVFJS-3 R-JSONST-1000-3’] * But in this particular XSS attempt there is only one: Failed Tests: [‘1’] Failed Test Codes: [‘COOKIE-1’] * Does it mean that it’s been very close to breaking through? What if they master to simulate the proper browser cookie behavior too? * Regards Janusz * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Current hack on 4.3.1](https://wordpress.org/support/topic/current-hack-on-431/) * [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 6 months ago](https://wordpress.org/support/topic/current-hack-on-431/#post-6799913) * OK. I did. * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Current hack on 4.3.1](https://wordpress.org/support/topic/current-hack-on-431/) * [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 6 months ago](https://wordpress.org/support/topic/current-hack-on-431/#post-6799894) * Yes, it definitely goes through the WP comments. My site just survived such an attack and I was lucky as it was stopped by WP-SpamShield plugin because the code they tried to inject failed on one of the tests this plugin performs before it let the comment to be posted. All the activity and the injection code itself stayed in the plugin log. * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[WP Popular Posts] Counting accuracy](https://wordpress.org/support/topic/counting-accuracy/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 11 months ago](https://wordpress.org/support/topic/counting-accuracy/#post-7985350) * OK. As a temporary solution I added: if (current_user_can(‘administrator’)) return true; to your __update_views function. * Regards Janusz * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[WP Popular Posts] Counting accuracy](https://wordpress.org/support/topic/counting-accuracy/) * Thread Starter [remake](https://wordpress.org/support/users/remake/) * (@remake) * [10 years, 11 months ago](https://wordpress.org/support/topic/counting-accuracy/#post-7985348) * Hi Hector, * Thanks for the reply. I reviewed the setting you mentioned and I’m not sure if this works as expected. Which one of the three options available making your plugin to log all the visits except mine? As for my understanding ‘Visitors only’ omits regular registered users which I don’t want to. ‘Logged-in users only’ doesn’t log not-logged viewers, and off course ‘Everyone’ includes me into the statistics. * Regards Janusz Viewing 9 replies - 1 through 9 (of 9 total)