For example, I added this link (https://gwz-portal.s3.us-east-1.amazonaws.com/REIA%20Library/60-Day%20Game%20Plan.pdf) to be downloaded on this page (https://members.reianyc.org/download-testing/), but when the download button is clicked, it goes to this URL instead (https://gwz-portal.s3.us-east-1.amazonaws.com/REIA%2520Library/60-Day%2520Game%2520Plan.pdf), which brings up an error page.

Notice how the URL changed from https://gwz-portal.s3.us-east-1.amazonaws.com/REIA%20Library/60-Day%20Game%20Plan.pdf to https://gwz-portal.s3.us-east-1.amazonaws.com/REIA%2520Library/60-Day%2520Game%2520Plan.pdf with the addition of “25” to some places: https://gwz-portal.s3.us-east-1.amazonaws.com/REIA%2520Library/60-Day%2520Game%2520Plan.pdf

Any help on how I can fix this will be highly appreciated

I tried to save my backups in Amazon’s S3 but I always get “ERROR: AMAZON S3 Bucket <bucket-name> does not exist“.

S3 Service: Amazon S3: EU (Germany)
Multipart: checked
Version: latest
Signature: v4

Endpoint: https://s3.eu-central-1.amazonaws.com
Region: eu-central-1
Version: 2006-03-01

The credentials work, the bucket does exist and the policy on my S3 is working, too, because I tried with UpdraftPlus and it saved my backup right into the correct folder in my S3 account.

I also tried creating a new bucket with an other user but I got the some error.

WP 5.7.2
PHP 7.4.14 (64bit)
BackWPup 3.8.0
curl version 7.68.0, OpenSSL/1.1.1f
Bucket location: eu-central-1 / Frankfurt / s3.eu-central-1.amazonaws.com

I don’t know what I could try anymore.
Would be great if someone could help me further!

Only way to resolve at the moment is to disable CDN.

comment_*
wordpress_*
wp-settings-*
wp_woocommerce_session_*
woocommerce_items_in_cart*
woocommerce_cart_hash*
woocommerce_recently_viewed*
cart_*

Main Request
I need to adapt your plugin to work in a serverless environment using Amazon Cloudfront & WordPress, so I only have static html and js to interact with the page, that is, I cannot execute “PHP” code to make requests in time real.

Scenario
Currently the behavior I have with your plugin is that:
1) It does not create the cookielawinfo-checkbox-necessary because it is created with php which does not load in my environment.

2) When I enable the checkbox of the non-necessary section, it changes the value of the cookielawinfo-checkbox-non-necessary to “yes”, but when reloading the page it returns to its previous state of “no”, so which does not save the user’s selection.

Specific questions
-What file or script is responsible for saving the option selected by the users in the “Enable” checkbox for the cookie: cookielawinfo-checkbox-non-necessary?

-Is it likely that the plugin every time it refreshes the page will rewrite the cookielawinfo-checkbox-non-necessary cookie value to “no”?

Additional Information
Reviewing the source code of the plugin, I understand that many elements are created or executed by php and many others by js, for example the cookies cookielawinfo-checkbox-non-necessary and viewed_cookie_policy I understand that it was generated with js in the cookie-law-info-public.js and those cookies load correctly in my serverless environment. Although it loads the cookie cookielawinfo-checkbox-non-necessary, it does not save the user’s selection to allow or not the inclusion of the cookie script, as expressed above in the Scenario part.

Thank you very much in advance for your attention to my request. I understand that it is a question of a certain level of complexity and rare, for this reason any help you can give me will be VERY useful.

since October 18th, for the first time I’m getting hit by a wave of IPs all managed by AmazonAWS:

3.210.184.170
52.34.183.195
54.196.64.198
52.70.5.189
52.34.76.65
54.240.197.234
18.228.43.18
54.203.213.125
54.88.251.203
54.190.32.22
54.207.53.208
34.219.184.161
54.202.87.48
34.219.36.191
3.86.187.42
34.219.173.241
34.210.81.177
34.219.176.170
52.90.235.182

and counting…

Except the first IP, all these IP are detected by Wordfence, trying the same type of SQL Injection:
“blocked by firewall for SQL Injection in query string: s=index%2Findex%2Findex”

While report an abuse to the other web hosting like for example as GoDaddy, OVH, DigitalOcean etc, Amazon AWS it’s a pain in the a** at the same level of a Tor Node Exit, meaning that they do almost nothing and those are the scenario:

First Scenario

They receive the abuse report and pass the ball to their customer which basically can tell any story and apparently Amazon AWS is good with that.
The fact is that not being an IT expert nor a Developer there’s not match that I can reply.

Two of their clients answered back this:

The behavior is expected as the Trend Micro’s download service. When the customer uses Trend Micro products to connect to Internet, Trend Micro solution visits the site by using exactly the same approach/URL as the customer then analyze to prevent our customers from hackers. Our servers do not perform any action other than the customers did and do not perform access other than the 1st access to download the page which is for analysis purpose. There won’t following connections from Trend Micro even though the one keep accessing your site.

Once we have assigned a rating to a website, we designate rating of the sites so next customer who subsequently visit that same website will receive the relevant rating automatically from our servers. Our servers would generally no need to access those same websites again. However in some circumstances Trend Micro will still try to analyze your site. For example, there no detection result from your site. – Trend Micro

If I stay stick on Wordfence report, there’s no way that a customer, in order to visit my website as typed the server IP instead of the domain name plus s=index%2Findex%2Findex

On the other hand, Trend Micro refused to provide the supposed exact URL used by their customer.

Another Amazon AWS customer reply back to Amazon:

“This web request was made to determine if the URL was safe to access. It was not unsolicited, nor was it an attempt to catalog, index, probe, or otherwise “crawl” the URL in question. The request does not make spurious DNS requests or create an open proxy for arbitrary requests. It is not an “intrusion attempt” or a “web crawl”

Again, what kind of URL was safe to access? This one server IP/index.php?s=index%2Findex%2Findex

Furthermore Fireeye stated that their customer would have received an email with such link, which makes no sense.

And all of this brings to main question, when Wordfence detect an SQL injection is true? or Wordfence is wrong?

Second Scenario

Sometime, Amazon AWS does not accept the data that I provide from Wordfence, they do it randomly so I guess it depends by the agent that read the abuse report.
When they do not accept Wordfence data, they ask for this:

* Complete, accurate timestamps of the activity including
– Time Zone
* Destination IP(s)
* Destination port(s) and protocol(s)
* Log extracts showing the intensity and duration of the activity

Where I get this data if not from Wordfence/Tools?

thanks

There is something called “No itunes:explicit tag in feed”. What is that and how do I set this?
Suddenly Cloudflare and all my SSL certificates are not good enough anymore.
I save all my media on AWS. I never had an issue with this. Suddenly the certificate is not accepted by iTunes.
The image is too large? It is 3000×3000 as recommended by Powerpress.
And last but not least: “Your title ID3 tag is missing”. Where do I set this and what is it?

The only response I had from Mike Dell (Blubrry support) is:
“2 things… Cloudflare can cause issues and the big one, your SSL cert isn’t accepted by Apple.”
Not sure what to do with this info. It’s the same certificate and it worked for years. Why not now?

Any help would be much appreciated

Thanks

52.198.185.141 -> ec2-52-198-185-141.ap-northeast-1.compute.amazonaws.com

What would be causing this to be? I have a spider-sense of sorts that Castos is actually using AWS, but why would that cause our listening stats to be inflated and largely useless?

Other than the stats being not centralized (having some information only available while in an episode edit screen for example) and not quite as informative as I’d like in general, I do really like this plugin. I especially like the way that uploads don’t require me to leave my site backend. Thanks!

I’m having a problem with infinite scroll and Soliloquy. I saw the post who says to use soliloquyInitManually() to manually load the slider. But, when I trigger a ajaxStop event with jquery to call the function, an error on console says that soliloquyInitManually() is not defined.

When I look at sources files loaded the Soliloquy files are not loaded. This occurs only on ajax infinite scroll (note that this is a function of my theme not the plugin).

https://machosa.com/adriane-galisteu-nua-palmeiras/ (link with a working slider)

https://machosa.com/aviao-com-equipe-da-chapecoense-sofre-acidente/ (link with no slider, but when scroll to bottom, next post will be loaded, and when the next post has Soliloquy the slider is not loaded.

I’m hosting my website on Amazon AWS. I use W3 Total Cache with CloudFront as CDN for all my files, including plugins, themes and everything else. I use CloudFlare too, with rocket loader, minify and cache system.

How can I fix that? I really need help. I’ve tried a lot of things.

Thanks,
Cheers Mateus