rmast
Forum Replies Created
-
Forum: Plugins
In reply to: [Knews Multilingual Newsletters] Email address seems to be incorrectWatch out when copying the line above, the apostrophes have been replaced.
By the way, in the KNews-professional version it should replace line 720.
Forum: Plugins
In reply to: [Knews Multilingual Newsletters] Email address seems to be incorrectI am experimenting with line 714 of knews.php to get it more intelligent.
I just changed it to:
if ((strpos($this->post_safe(‘knewscomment’), ‘http://’) !== false)||(strpos($this->post_safe(‘knewscomment’), ‘!’) !== false)) $stupid_bot = true;It keeps lots of spammers out now, but probably also people with http:// or ! in their house address. I guess there won’t be many of them.
By the way, I still haven’t replaced this widget with Contact Form 7 as the Google Captcha doesn’t color right with our current website. It only provides some black and some grey facing.
- This reply was modified 9 years, 4 months ago by rmast.
After many updates I just tried to see the settings of this plugin. The settings were unclear so I thought I could just disable and dispose the plugin. That tended to disable my outgoing mail at all.
As the settings were not showing it was unclear what the right settings were, so I couldn’t just override the settings with new ones and decided to downgrade to try to see the settings.
No luck, even deleting the mail_bank* – tables and deleting the plugin made things worse. Reinstalling the plugin gave an even more corrupted settings-pane with an error-message.
I just used a backup of the mail_bank-tables to revive the plugin and then put in some new settings. Only after overwriting these invisible but successful settings the settings-panes now work right, even with the newest version. The settingspanes, however remain not quite intuitive for retrieving current settings as they are only visible in the ‘3 step scenario’ which is meant for altering them.
Forum: Plugins
In reply to: [Knews Multilingual Newsletters] Email address seems to be incorrectHowever, I suspect this subscription-widget to be deprecated by the Contact form 7 glue, which provides for a subscription form with ReCaptcha-spamprotection.
Forum: Plugins
In reply to: [Knews Multilingual Newsletters] Email address seems to be incorrectChrome automatically enters my home-address in the invisible knewscomment-field meant for spammer-recognition. I guess Safari does the same. I commented the line out.
Forum: Plugins
In reply to: [Knews Multilingual Newsletters] Email address seems to be incorrectOn our site the same issue arises with Chrome, and Safari suspected. Firefox and IE don’t have any issues.
It appears to be happening at line 714 of knews.php:
if ($this->post_safe(‘knewscomment’) != ”) $stupid_bot = true;
Somehow the post_safe function is recognizing a Chrome user entering a valid e-mailaddress as a stupid bot.
By the way, it happens with 1.8.2 as well as 1.8.1. I don’t have older versions to test it with.
- This reply was modified 9 years, 5 months ago by rmast.
Excluding would be fine. I probably overlooked that option.
I dropped you $3 as the plugin is gaining stability and quite an essential part of reaching speed together with Varnish…
Forum: Plugins
In reply to: [Merge + Minify + Refresh] Clash with slideshow 2.3.1 in WordPress 4.4As I didn’t know closure before I saw your plugin I even don’t know whether Google will make such a service a paid service, so I don’t know whether that would be a solution.
My Knews-subscription showed 0 and didn’t register the mail despite my whitelisted IP-address. I turned off the (unmodified) SFS-Beta-plugin and it worked again.
So I’m afraid the beta-plugin gives some instability which requires me to pick attempted subscriptions from the log. I guess I’d best just skip any stop spam-plugin and filter spam afterwards.
I think apart from Allow and Deny there should be an Ignore-possibility.
Ok, I’ll do a new attempt in modifying your code to ignore admin-ajax to not put up a captcha and not put it in the good cache.
If the scope of your plugin is not meant for Ajax-calls, you could also decide just to do nothing with them, not to put every call in the Good cache, which opens the door for every other way SPAM could come in.
I wonder whether your plugin doesn’t just whitelist every spammers that hits the admin-ajax.php:
modules/chkscripts.php contains some questionmarks in the comments:
// some scripts need to be Allow Listed. So far wp_cron.php, but maybe some others – ajax?
// if(strpos($sname,’admin.php?’)!==false) return “allow admin.php?”;
if(strpos($sname,’admin-ajax.php’)!==false) return “allow admin-ajax.php”; // necessary?Function sfs_handle_ajax_check seems always to look for the same hardcoded IP-address that isn’t blacklisted:
includes/ss-admin-options.php line 265 contains:
reCAPTCHA for Contact Form 7 and the Stop Spam Control plugin did not shut out this spammer.
I now tried to reposition the Heartbeat Control plugin in the plugin-list to ZHeartbeat Control. Let’s await this spammer for a new test…
Probably while things end up in the Good cache the Heartbeat Control plugin, specially designed for blocking unwanted admin-ajax.php, is still keeping the spammers from my site after entering the Good cache. I wonder whether their order in the plugin-list influences the order of their execution.
I now changed Really Simple CAPTCHA for Contact form 7 to reCAPTCHA. Contact form 7 has changed the preferred CAPTCHA, so I adapted it.