Title: VWFeature's Replies | WordPress.org --- # VWFeature [ ](https://wordpress.org/support/users/vwfeature/) * [Profile](https://wordpress.org/support/users/vwfeature/) * [Topics Started](https://wordpress.org/support/users/vwfeature/topics/) * [Replies Created](https://wordpress.org/support/users/vwfeature/replies/) * [Reviews Written](https://wordpress.org/support/users/vwfeature/reviews/) * [Topics Replied To](https://wordpress.org/support/users/vwfeature/replied-to/) * [Engagements](https://wordpress.org/support/users/vwfeature/engagements/) * [Favorites](https://wordpress.org/support/users/vwfeature/favorites/) Search replies: ## Forum Replies Created Viewing 15 replies - 1 through 15 (of 26 total) 1 [2](https://wordpress.org/support/users/vwfeature/replies/page/2/?output_format=md) [→](https://wordpress.org/support/users/vwfeature/replies/page/2/?output_format=md) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP Super Cache] Sugg-improve error message-WPCACHEHOME must be set in config file ///How to ?](https://wordpress.org/support/topic/sugg-improve-error-message-wpcachehome-must-be-set-in-config-file-how-to/) * Thread Starter [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years ago](https://wordpress.org/support/topic/sugg-improve-error-message-wpcachehome-must-be-set-in-config-file-how-to/#post-9094814) * Did that, BROKE my site!! Oops. * I put `CACHEHOME =/home//public_html/wp-content/plugins/wp-super- cache/` right at the top- * ``` # WP SUPER CACHE 1.2 CACHEHOME =/home//public_html/wp-content/plugins/wp-super-cache/ function wpcache_broken_message() { global $wp_cache_config_file; ``` * did that, then got **this** error: * > WP_CACHE constant set to false > The WP_CACHE constant is used by WordPress to load the code that serves cached > pages. Unfortunately, it is set to false. Please edit your wp-config.php and > add or edit the following line above the final require_once command: > define(‘WP_CACHE’, true); * ((**Ok, I can do that.**)) I put * ``` /** This was set to run WP Super Cache- */ define('WP_CACHE', true); ``` * ``` ((HERE)) /** Absolute path to the WordPress directory. */ if ( !defined('ABSPATH') ) define('ABSPATH', dirname(__FILE__) . '/'); ((HERE)) /** Sets up WordPress vars and included files. */ ((HERE)) require_once(ABSPATH . 'wp-settings.php'); ``` * One at a time, of course. All gave me * > HTTP ERROR 500 * I looked in /public_html/wp-content/wp-cache-config.php * and found `define( 'WPCACHEHOME', WP_CONTENT_DIR . "/plugins/wp-super-cache/");` * Removed the * ``` /** This was set to run WP Super Cache- */ define('WP_CACHE', true); ``` * STILL got the 500 error, flushed browser cache, still; a few min later, site went back to * > WP_CACHE constant set to false > The WP_CACHE constant is used by WordPress to load the code that serves cached > pages. Unfortunately, it is set to false. Please edit your wp-config.php and > add or edit the following line above the final require_once command: > define(‘WP_CACHE’, true); * ((**I’m stumped. How and exactly where do I put** )) * ``` /** This was set to run WP Super Cache- */ define('WP_CACHE', true); ``` * Thanks for your help!! * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP-Members Membership Plugin] I need password reset link in reset password email not auto generated password](https://wordpress.org/support/topic/i-need-password-reset-link-in-reset-password-email-not-auto-generated-password/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years ago](https://wordpress.org/support/topic/i-need-password-reset-link-in-reset-password-email-not-auto-generated-password/#post-9084763) * Emailing a password is horribly insecure. The email corpi go through many servers before arriving at the user’s door. Any of those could retain the email and use it to breach sites later. * In contrast, a reset link is only good for a limited time, so if someone came across an old email it wouldn’t breach the site. * This is an absolute deal-killer. Sorry. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin] UI suggestion for menu setting](https://wordpress.org/support/topic/ui-suggestion-for-menu-setting/) * Thread Starter [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years ago](https://wordpress.org/support/topic/ui-suggestion-for-menu-setting/#post-9067607) * I see you don’t understand continuous improvement. Or how to deal with customers. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Infopopup] Howto Popup text over image? Dumb question?](https://wordpress.org/support/topic/howto-popup-text-over-image-dumb-question/) * Thread Starter [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years ago](https://wordpress.org/support/topic/howto-popup-text-over-image-dumb-question/#post-9067332) * Um- I can put the text in the image title- But if I use infopopup, can I change the formatting of the text? * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[Check & Log Email - Easy Email Testing & Mail logging] Could not find how to use it, or it does not work with the latest WordPress](https://wordpress.org/support/topic/could-not-find-how-to-use-it-or-it-does-not-work-with-the-latest-wordpress/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years ago](https://wordpress.org/support/topic/could-not-find-how-to-use-it-or-it-does-not-work-with-the-latest-wordpress/#post-9048144) * The link is in the “Tools” menu. * I agree * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Check & Log Email - Easy Email Testing & Mail logging] How do you use this plugin?](https://wordpress.org/support/topic/how-do-you-use-this-plugin-9/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years ago](https://wordpress.org/support/topic/how-do-you-use-this-plugin-9/#post-9048137) * The link is in the “Tools” menu. This is NOWHERE!! in the documentation. I found it in a support thread. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin] Spam Ultimate member](https://wordpress.org/support/topic/spam-ultimate-member/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/spam-ultimate-member/#post-9032244) * Again, does this have **anything **to do with MEMBERS? If the spams aren’t coming from members, then you need to prevent spam in general. Install Apache SpamAssassin in CPanel, to protect your website mailserver. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin] Spam Ultimate member](https://wordpress.org/support/topic/spam-ultimate-member/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/spam-ultimate-member/#post-9028832) * You may want to change the addresses you use on the website and delete the ones spam emails are being sent to. What addresses are getting spam? (Just the username, not the domain name.) Do you you expose those email addresses on your site? Elsewhere on the web? (Scraper bots find and copy email addresses.) * If you expose emails on your site,you may want to install a plugin: Email Address Encoder. (As far as I can tell based on what you’ve said, the spams have nothing to do with ultimate member.) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin] Spam Ultimate member](https://wordpress.org/support/topic/spam-ultimate-member/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/spam-ultimate-member/#post-9025223) * Emails? Where are they getting your email address? What makes you think it’s related to UM? Are these folks members? If you had spam COMMENTS or POSTS, then you could require email confirmation when people become members. Look for a different spam solution- there’s many (Cerber, Wordfence, etc., etc..) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin] Notifications are not sent to the administrator](https://wordpress.org/support/topic/notifications-are-not-sent-to-the-administrator/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/notifications-are-not-sent-to-the-administrator/#post-9021559) * You need to give some more details of your installation. Describe your to/from email addresses Is the email being sent from your domain? (Super@yourWebsite. com) or an outside SMTP server? Many email services, including Google and Yahoo bounce emails if not. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin] HTTPS login](https://wordpress.org/support/topic/https-login/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/https-login/#post-9021550) * You need SSL. Look at “LetsEncrypt”(free SSL)-not all webhosts allow you to use it easily (it cuts out their reselling SSL services.) ZeroSSL allows you to use it manually. Cloudflare can also give you SSL. It’s a CDN. * You may want to make sure your ‘canonical’ is “www.yourWebsite.com”, not “yourwebsite. com” It seems to prevent some problems, but too complex for me. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Theme My Login] Does an activation key expire?](https://wordpress.org/support/topic/does-an-activation-key-expire/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/does-an-activation-key-expire/#post-9021488) * ??IIUC, The native WordPress ‘nonces’ expire in 12-24 hours, and I think that’s what gets put in a reset password link. Does the plugin eliminate that feature? * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP Cerber Security, Anti-spam & Malware Scan] blocking wp-login.php.](https://wordpress.org/support/topic/blocking-wp-login-php/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/blocking-wp-login-php/#post-9021027) * Hi makemake, The whitelist overrides the blacklist. When you set it up, Cerber automatically whitelists your IP adddress range. That means you COULD get attackers from your ISP, but that’s a small slice of the whole world. IMHO, it makes sense to disable the “admin” and “administrator” accounts, because they’re an obvious attack vector. Change your admin name to ‘your own Name plus some nonsense’ like George554, to reduce that vulnerability. * Read ArsTechnica’s articles on cracking. * And use a password manager (KeePass) and [strong passwords ](https://makemeapassword.org/generate/ReadablePassphrase) [https://makemeapassword.org/generate/ReadablePassphrase](https://makemeapassword.org/generate/ReadablePassphrase) * If they’re attacking wp-admin, then yes, using the IP blacklist will help, as will blacklisting ISPs that use the forbidden “admin” or “administrator” user names. * As does having a 100+ bit password ([https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html](https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html)) It’s called a layered defense. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP Cerber Security, Anti-spam & Malware Scan] Disable wp-login.php does not working](https://wordpress.org/support/topic/disable-wp-loginphp-does-not-working/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/disable-wp-loginphp-does-not-working/#post-9020871) * Hi Gioni, * Thanks for explaining this, and…good thinking!! I was going to ask if the whitelist overrides the blacklist or vice versa, for exactly the reason the poster was thinking. If I change to an alternate login, then blacklist every IP that uses wp-login.php, bots only get one chance (besides, I have a 150 bit password) but if something glitches w the alternate login, I can still get in. Brilliant!! * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Protect WP Admin] Please explain to a non coder how to change the permalink settings](https://wordpress.org/support/topic/please-explain-to-a-non-coder-how-to-change-the-permalink-settings/) * [VWFeature](https://wordpress.org/support/users/vwfeature/) * (@vwfeature) * [9 years, 1 month ago](https://wordpress.org/support/topic/please-explain-to-a-non-coder-how-to-change-the-permalink-settings/#post-9017242) * Admin panel, > settings, > permalinks. Open cPanel, file manager, find .htaccess( dot means hidden-s et to see all) and check permissions on the file. Google for meaning of 0444, etc. Viewing 15 replies - 1 through 15 (of 26 total) 1 [2](https://wordpress.org/support/users/vwfeature/replies/page/2/?output_format=md) [→](https://wordpress.org/support/users/vwfeature/replies/page/2/?output_format=md)