sagency
Forum Replies Created
-
Forum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] REST API – SG OptimizerYes, tried disabling too. Same message.
Our client did put in a ticket with you. They are the ones with the direct WordFence Premium account.
The status does not indicate it is due to a country blocking feature but a blocked URL. Other blocks do indicate that specific issue. So I’d appreciate some help here why there is a blocked URL that isn’t blocked. Thanks.
Problem seems to be related to how Outlook offsite servers are configured. We tried working with Microsoft Support and they could never resolve the problem. ALl of the DNS and MX records were set correctly to Microsoft specs yet something consistentely requests the autodiscover.xml file (or the fallback files like AutoDiscover.xml) 5-10 times a minute.
The best we could do was install this in .htaccess to treat the 404 as a 403. We also created a dummy folder autodiscover with an autodiscover.xml blank file inside. If anyone has the answer or improvements on the workaround it would be MUCH appreciated.
# BLOCK NUISANCE REQUESTS
# perishablepress.com/block-nuisance-requests
<IfModule mod_alias.c>
RedirectMatch 403 (?i)/autodiscover/autodiscover.xml
RedirectMatch 403 (?i)autodiscover.clientdomain.com/autodiscover/autodiscover.xml
RedirectMatch 403 (?i)mail.clientdomain.com/Microsoft-Server-ActiveSync
</IfModule>
<Files 403.shtml>
order allow,deny
allow from all
</Files>- This reply was modified 5 years, 11 months ago by sagency.
Thanks. I tried adding, but in my original question…
If so what do I put in for the parameter type and param name?
Seems this might be related to Outlook Exchange. Help? What can I do in the settings to get around this? It’s coming from the client IP so I can’t block them.
I did clear all the caching and I run the plugin on several other sites with the theme.
I’m unable to perform any tests on the site that was involved yesterday because I have already uninstalled and reinstalled AIOWPS and got it restored.
If it happens on another site I will try these measures and see what happens.
Thanks.
I am back on, but not sure what cause the math captcha to error despite the right answer. Can you speak to that since we use it on a lot of sites? Thanks.
Totally deleted the plugin and searched and found all aiowps entries and the database and zapped them. Reinstalled the plugin and I think we are good to go. Didn’t risk it, I removed the math captcha and went with Google ReCaptcha instead. There might still be an issue with the math captcha.
Searched and found the extra aiowps entries in other tables not named aiowps and deleted them. That got rid of the custom URL login.
UPDATE. So I see 4.4.3 address recaptcha bugs. How can we install this if we can’t login?
If I do rename the old AIOWPS folder so I can get in and then I install the plugin again, will it corrupt the site? What will happen?
Thanks.
PS: We did login to the host and flushed cache, then tried VPN and it still says the Captcha is wrong.
Logged into host and renamed the AIOWPS plugin folder and could get back into the site using wp-login.php instead of the custom login URL.
Found the host caching plugin and added the custom URL to not be cached, renamed the plugin folder back to AIOWPS original name.
Still says Error when logging in.
Totally stuck.
- This reply was modified 6 years, 1 month ago by sagency.
Wow. Stunned.
- This reply was modified 6 years, 2 months ago by sagency.
Forum: Fixing WordPress
In reply to: Plugins Missing Option Links UnderneathIf I remember correctly it was because of one of two abandoned plugins the client was using. When I disabled it things went back to normal.
I know one was a WP Database reset but I think it was the other, some sort of deprecated WP editor. If you have either of those two try disabling them.
It was so infuriating to not have those plugin links.
@hristo-sg
As we stated several times, our client did receive your initial notification and did change the A record ASAP, but after 4 days the problem still occurred even after full, successful propagation until we persistently addressed it with SiteGround technical support. Only then was the problem resolved.Our client never experienced a brute force attack or a false one, just the IP detection. Wordfence seems to stand by it was not caused by their plugin caching. Both myself and another user could verify that. So your redirection being basic or not causing an additional load is totally irrelevant in our situation.
We’ll chalk it up as an internet mystery since we both have better things to do. Hopefully SiteGround will smooth out a bit after the transition to Site Tools away from CPanel, migrating to Google Servers, problems with SpamExperts server clusters, etc. SiteGround has still been the best hosting experience we’ve had moving away from Endurance owned hosting brands.
@starsknight can you shed any light as to why it started working for you? Did you contact SiteGround? Did you update domain settings? Asking for the benefit of others who find this post.
In our case all the IP detection methods showed my correct IP so switching them would have made no difference.