tomdkat
Forum Replies Created
-
I don’t think it’s really fair to view WordPress, itself, as having security issues if the security problems tend to be with the plugins. Security issues with the base WordPress system are issues with WordPress, itself, and should be the only issues considered when judging how good or bad WordPress is, as a software application.
Thanks for posting the link to the article. Adobe Flash is a different beast since Flash exploits are exploits in the “base” software, developed by Adobe.
I tend not to run many plugins in the WordPress sites I maintain and I tend not to have many security issues or successful breaks or exploits.
Thanks for the info. 🙂
Hi! Did you ever get your issue resolved?
Thanks!
I’m actually still having the issue I originally reported and the behavior described by Vakantie Ameland is the same behavior I’m seeing, with the exception of my not running Fail2ban. I just haven’t had the time to do the troubleshooting you two have. 🙂
I run NinjaFirewall on 4 WordPress installations and only one of them is having the issue. I’ll see what differences I can find between the two installations. The main difference I know of now is the one that doesn’t work is hosted at site5 and the one that does is hosted at HostGator.
That’s it for now…
Thanks!
For me, I see the “Loading” message with the animated dots and after a few seconds, I get the “Error: unable to load signatures (#2)” message.
If this is due to a signature parsing issue, how can I correct it? I haven’t done anything except upgrade NinjaFirewall and tried to do the scan.
Thanks!
Peace…
Forum: Plugins
In reply to: [JQuery Html5 File Upload] Exploits to be expected?Yep, same here. Given this plugin hasn’t been updated in a year, I certainly hope there aren’t any vulnerabilities waiting to be exploited. *sigh*
Forum: Plugins
In reply to: [BruteProtect] Should BruteProtect be left activated?Thanks!
Forum: Fixing WordPress
In reply to: Question about failed login redirectionThanks for the reply! If I enter bad login information, I remain at http://www.mydomain.com/blog/wp-login.php, which is what I expect. In the log, I see the redirect to http://www.mydomain.com/blog/wp-admin.
So, I think everything’s ok, with my WordPress installation, but I was caught off guard by the reference to that other domain.
Thanks again and Happy New Year!
Forum: Fixing WordPress
In reply to: Whois Abdull Karem and why are they scanning?As of this morning (10/19/2015), I’m seeing similar activity in my logs too. I see GETs of:
/index.php
/wp-content/plugins/hello.php
/wp-admin/index.php
/wp-content/plugins/index.php
/wp-content/themes/index.php
/wp-content/index.phpall coming from IP address 83.247.10.226, which is in the Netherlands.
Peace…
Forum: Plugins
In reply to: [BruteProtect] Cannot request for API keyThanks for that info. When I read the “BruteProtect is no longer supported” post, I see this:
As of March 2015, Jetpack also includes botnet protection. Therefore, we are no longer making any additions or improvements to the BruteProtect plugin. Protection against botnet attacks will not be interrupted, BruteProtect will continue to protect your site for free until the end of 2015. If you are having trouble with BruteProtect, please install Jetpack, ensure that the Protect module is activated, and remove BruteProtect.
I installed BruteProtect 2.5 today and the dashboard widget has disappeared completely. Has the above position, with regard to BruteProtect continuing to work until the end of 2015 changed?
Thanks!
Thanks for the reply. The thing is, I’ll get that warning message when I first login to the WordPress Dashboard and before I’ve run UpdraftPlus.
It’s not a big deal, just something I wondered about. 🙂
Thanks!
Forum: Plugins
In reply to: [BruteProtect] BruteProtect upgrade problemOk, I just upgraded to version 2.4.2 and everything went smooth as silk. 🙂
For those who are still having problems, this is what I did:
1) Login to the server via FTP
2) Found the /wp-content/plugins/bruteprotect/ directory
3) Renamed it
4) Logout of server
5) Logged in to WordPress dashboard okThis morning, when I logged in to WordPress, I saw an update notification for BruteProtect 2.4.2. I updated it from within WordPress, as normal, and everything worked without issue.
Thanks for fixing the problem so quickly!
Peace…
Forum: Plugins
In reply to: [BruteProtect] BruteProtect upgrade problemOne quick question. Will version 2.4.2 require JetPack?
Thanks!
Peace…
Forum: Plugins
In reply to: [BruteProtect] BruteProtect upgrade problemThanks for the update!
Peace…
Forum: Plugins
In reply to: [BruteProtect] BruteProtect upgrade problemAlso, since I now can’t access the Dashboard, I won’t be able to install any subsequent update to BruteProtect. So, how can I regain access to the Dashboard?
Thanks!
Peace…