Tim Nash
Forum Replies Created
-
Forum: Plugins
In reply to: Hide a pluginYou can filter the Plugin table by using the “all_plugin” filter and remove the plugin from that list.
HOWEVER this is a terrible idea, if you are worried your client may turn the plugin off then there are several other approaches, for example using an mu-plugin. If you can’t do that or its a complex plugin you can edit the plugin_action_links filter to remove the deactivate option. Again this is not something I would recommend, but is certainly a better solution then hiding it all together.
If you are trying to hide the fact the plugin exists, or it’s name for some reason the plugin list is not the only place these sort of things show up. Your client will at some point come across the plugin and will be confused what it is.
So apart from the fact it won’t hide the plugin it will also mean that it will be hard to update it from the plugin page if its a plugin downloaded for w.org. This could mean you are potentially exposing your client to a security risk and they have no way of knowing or fixing the issue.
Forum: Networking WordPress
In reply to: Monitoring WordPress — logsBy default WordPress doesn’t provide that level of logging, however that is what plugins are for, so you will need to have a hunt for one that suits your need. If you are managing multiple sites across multiple server, you might either want to find one that writes separate files into a centralised server, or it might be easier to look for something that actually adds events into syslog depending on how you plan to evaluate them.
Forum: Fixing WordPress
In reply to: I want to add Credit card payment directly to page.Adding payment solution is not as simple as adding fields to a form, you need to work with a payment processor who will process your card payments.
You also need to securely take those details, you can’t just have them stored on your server, and you don’t want to be taking card payments over an unsecure connection.
Therefore I would recommend you look at the e-commerce solutions for WordPress, you can find several good ones in the the plugins section. Research payment providers and select one that works with the e-commerce solution and go down that route.
The big thing you don’t want to do is actually take and collect payment details yourself. At best you are exposing yourself to a world of hurt, at worst it maybe illegal without the relevant paperwork in your country.
Forum: Fixing WordPress
In reply to: cant get to log in pageI’m sorry I don’t understand your question, are you saying your site is redirecting to the above URL?
If so are they your host? If they are have you contacted them?
Forum: Fixing WordPress
In reply to: blank page after stoping updated pluginsIf you have a white page, then it’s most likely caused by a fatal error, which also probably stopped the plugins updating.
If you have access to your server error logs, most likely there will be an error in there with the name of the plugin. If you rename the folder of this plugin it will deactivate.
Assuming this brings everything back, you can try to manually update the files for this plugin, if the issue still continues deactivate it again by renaming and contact the plugin.
If you can’t see an error you could disable all plugins and then reactivate them one at a time.
Forum: Fixing WordPress
In reply to: Installing responsive themeWhat happens if you go there directly?
It could be something to do with your host, or your site may have an error, can you access your server error logs, probably in your control panel, what does the last entry say?
Forum: Plugins
In reply to: [Contact Form 7] Mail tags work, email address doesn'tSaying what plugins and theme you are using, will not compromise your sites security and unlikely to be commercially sensitive. So even if you don’t want to include the URL you can still post that info.
Asking folks to contact you outside the forums is generally frowned upon, remember folks including plugin developers are volunteers so make the barrier to help you as low as possible. Hope you get it sorted.
Forum: Requests and Feedback
In reply to: WordPress ought to issue deprecation notices, reallyI think it’s important to also distinguish between old and abandoned, just because a plugin hasn’t been updated doesn’t mean it no longer functions or is abandoned, it could mean it doesn’t need updating.
As more and more devs switch to the philosophy of a single plugin for a single function, you are going to find lots of very small, few lines of codes that do the job today and will continue doing them in ten years time if you let them.
Are these becoming less secure as they age? while possible it’s unlikely.
Indeed an argument could be said that older, stable battle tested reviewed code that doesn’t get constant updates and changes is a good thing.
There is an argument that historically code reviews before plugins were approved on w.org were sketchy at best, thats no longer the case and every plugin is reviewed initially however the changes are not. So you could draw a line and say anything pre 2010 is a wee bit suspect.
But remembering on the first update which could change 100% of code is not reviewed before pushed the argument older a plugin less secure doesn’t hold much weight, as the more recent the plugin update the less eyes will have been passed over it, the more likely you could argue a security hole will develop.
This is especially true as plugin features increase as does the codebase. So something that entered the repo as a small little thing of a few hundred lines of code. Can easily spawn thousands of lines of unreviewed code just one iteration later.
So within the repo, you are looking for small plugin, with limited codebase, which has never had an update and has been approved in the last couple of years. Even then you are relying on a human and some automated tests spotting issues.
If we applied that ruleset and flagged everything else, we would have a pretty robust secure(ish) set of plugins and an awful lot of angry folks wanting all the features of the thousands of other plugins.
Forum: Fixing WordPress
In reply to: Problem with xmlrpc.php !!No its behaving as it should and search engines shouldn’t be going near it and if you they do the wouldn’t get anything useful out of it.
Forum: Fixing WordPress
In reply to: upgrade to 4.2 nothing worksIf your browser has an incognito mode then try login in with it, does this let you get to the dashboard?
Forum: Fixing WordPress
In reply to: Problem with xmlrpc.php !!HTTP 405 is not a broken link, it indicates method not allowed, just simply loading the file doesn’t return anything hence that status code. It’s behaving as it should.
Forum: Fixing WordPress
In reply to: Connection Information – FTP credentialsYou can disable File modifications to theme & plugin if you are using version control by
define( 'DISALLOW_FILE_MODS', true );Forum: Fixing WordPress
In reply to: thousands of queries simultaneously from wp_postmetaWell something was trying to return all the metadata associated with post ID 22726 might be worth looking to see what that post is?
It could be something as simple as one of your posts is incredibly popular and causing issues. It could also be something else less good. Do you have external analytics like Google Analytics or WP.com stats that you can look at?
Forum: Hacks
In reply to: Custom Registration Not Saving First and Last Name ValuesYou have an object $fields but you are not populating it with data before you are validating against it so nothing is being entered.
Forum: Fixing WordPress
In reply to: An unexpected error occurredThe most likely issue is the webserver can’t connect to the internet or is unable to connect securely. If you have error logs on the server, check them for more detailed information as to what has failed.