worldmaker
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Updated to 6.9 & some Admin Page Icons missingSorry for the delay and thank you both for your comments @threadi @bcworkz
I did nothing to it in the last couple of weeks but it’s fixed itself and the icons have returned.
Possibly after the background update to 6.9.1 and any refreshing effects, or just refreshing my browser.
Mysterious, but fixed. 🙂
Forum: Plugins
In reply to: [W3 Total Cache] Error updating to 2.8.13My apologies for the delay, much work to distract me from this issue.
I understood your advice to uninstall and reinstall and waited on version 2.8.14.
This was easily achieved with the control panel, deactivate, remove, install a copy I had downloaded, and activate. No need to go through anything else.
All working now.
Thank you.
Thanks for your reply, and that solves part of the question.
I do have a substantial .htaccess but AIOS has not put the auto_prepend_file directive in there so I assumed AIOS didn’t see a need for such an entry, hence my query.
Meanwhile Wordfence is suggesting hiding/securing the .users.ini file by, I guess, making an entry into .htaccess for that file. So my question also goes to whether this security, keeping the .users.ini as-is and letting Wordfence hide/secure it in .htaccess, will have any effect on the function of .users.ini when AIOS is calling it. Alternatively does it really matter from a security point of view, is there any hazard in leaving it all alone (and avoid me making a mess of anything :o) )?
It’s AIOWPSEC, thus:-
#Begin AIOWPSEC Firewall
auto_prepend_file=’/ … /aios-bootstrap.php’
#End AIOWPSEC FirewallAs you can see it directs to “aios-bootstrap.php” and “Firewall” hence my query here.
Now I have access again I can see how the issue was the Login Whitelist, and now I can see the warning message.
I’ve disabled it in the settings and I will leave the code snippet in the wp-config.php for al sites.
Thank you for all your patience and assistance.
Solved! 🙂
(Unless something else happens.)
First code snippet works on all sites.
define( 'AIOS_DISABLE_LOGIN_WHITELIST', true );I assume this means the Logon White List function on AIOS will need more careful management or disabling?
I just completed the test with wp-config.php and the “define()” you suggested. You you suspected this did not work.
I have also repeated my tests with different computes, old and new, and different browsers.
When using Mozilla Firefox browser, old and new machines, I receive the blank renamed login page.
When using Google Chrome in the new machine (Windows 11) I receive the HTTP ERROR 403 message.
You asked for a copy of the settings to post to you on pastebin.com. I cannot give you the latest settings because I cannot access AIOS. If I disable AIOS to use the generic Admin login page then AIOS is disabled and I cannot export any setting. If I enable AIOS from within the admin page I am thrown out of the system and cannot log back in because of this issue with the renamed login page.
I do have a copy of the settings from last week but I am not confident in posting them to a public forum like pastebin.com because of the security settings. I can send you the text file with the key passwords removed if that is okay.
I just performed a test with a newer machine and browser (I have been using an old workstation and browser for my work).
This time I received an error 403:-
Access to (domain) was denied
You don’t have authorisation to view this page.
HTTP ERROR 403
Does that help?
I will wait and see if you have any further suggestions before I delete the plugin for a fresh install, especially as that will loose all my security settings.
I am intrigued to learn what is happening in case it is a more deeply-rooted issue.
For your information I mentioned the Cloudflare Turnstile captcha process for the login page, but I see this may not be a part of the issue. I have several sites with this issue but two of them do not have that captcha activated. I also have one site where AIOS is not activated and no issue, so I am not sure if there is a server issue.
However, for your information my WP server installation uses WordPress version 6.8.1, Database MySQL 8.0 and PHP 8.3.
I had one suspicion there may be a conflict with another element, but rolling back on that did not change the situation.
I have checked the DB entry for all AIOS settings and the Custom Login page address is there, DB has not been corrupted as best as I can see.
The only other idea I can imagine today is whether the process of serving up the page is being interrupted, broken, en route? I have been using the Cloudflare Turnstile captcha process to secure the pages and wonder if this is part of the process and now broken?
Unless you can think of something else?
Tests:-
- Uploaded new version of AIOS via FTP, swapping old for new folders.
Refreshed browser and visited custom login page.
Still no access – blank login page. - Disabled AIOS folder and reverted to generic Admin login page.
Successful login.
Entered plugins Admin.
Disabled all plugins.
Logged out.
Reactivated AIOS folder from ftp.
Tried to login on custom login page – FAILED – blank again.
Disabled AIOS at ftp and reverted again to generic WP Admin login.
Activated AIOS from within plugins page.
Automatically thrown out. (that’s normal security of course.)
Returned to custom login page – blank.
Conclusion today. The up-date to AIOS and disabling all plugins did not solve the problem.
With AIOS alone active there appears no conflict with any other plugin, but the custom login page is still not being served up.
I cannot investigate the settings for AIOS once I have activated it from within Admin because I’m automatically thrown out to the custom login page process.
I’m trapped in a security loop where I cannot access any AIOS setting or any aspect of AIOS from within the site Admin pages. If I disable AIOS I can access the site I’m using to test all this and maintain the site.
I appreciate that this does not seem to be an AIOS fault as the plugin was working successfully a week ago on the older version 4.5.0.
I suspect another conflict in my system.
I’m using 5.4.0, not the latest version. I haven’t been able to update and patch it. This is why I began to suspect an AIOS issue, given how many errors you are fixing with 5.4.1
I inspected the sources code for the custom login page – blank html, no content being served into any of the login pages, thus:-
<html>
<head></head>
<body></body>
</html>.htaccess is okay, several weeks old and no recent changes. All working correctly as of Monday when I updated a few plugins.
I disabled all those plugins via FTP on one site to test, and no change to this issue.
Disabled the AIOS plugin folder on one site, reverting, briefly, to /Admin login page. Full access to the admin pages.
Suspect either flaw in AIOS or conflict between AIOS and the recent plugins I updated, maybe?
I can’t list the plugins here for security reasons, but if you have a secure support email I can forward them if you want to run your own tests.
@hjogiupdraftplus Thanks for your first response.
Login page is completely blank , no error message and no access into Admin area.
I’ll try the other tests and check .htaccess there might be an issue in there or something not related to AIOS
Forum: Themes and Templates
In reply to: [Responsive] Update to 6.1.0Sorry for the typoes in my last post, I meant “Layout of each row, item….”
And the settings in the Header Builder only allows three columns, preset across the width of the page.
It is the Footer Builder which allows for up to six columns for widgets in each of the three layers of the footer.
It was a long day. 🙂
- Uploaded new version of AIOS via FTP, swapping old for new folders.