aporter
Forum Replies Created
-
Hi,
It looks like for some reason the plugin has not updated that database table for you.
Could you give me some more information please to help with debugging:
Are you on a multisite?
Have you visited the AIOS settings page since the update?
Are you getting that notice every time the cron runs or was it only once? (maybe the cron ran before the udpate code if thats the case)
Best Wishes,
AshelyHi,
This is not possible yet.
This feature is currently going through internal testing.
I don’t think it will make the next release which is due this week (version 5.2.5), but should be in the version after that.
Best Wishes,
AshleyForum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] 404 event logHi,
You can clean up that table sooner by using the following define:
define(‘AIOS_PURGE_EVENTS_RECORDS_AFTER_DAYS’, 30);
That will clean logs older than 30 days, you can change the number to what ever you want by default it’s 90.
The next release which should be out early next week will have a fix in it to stop the message_store table filling up with unused entries.
Best Wishes,
AshleyHi,
If your having an issue with the plugin then please open a support request, where one of our developers will be more than happy to help you.
We can help explain the various options and suggest some good basic options to try.
Best Wishes,
AshleyForum: Plugins
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Audit logsHi,
It’s likely someone is attempting to login via a brute force attack.
They likely used the WordPress API to get a list of users on your site and are now trying common passwords.
You can add the IP’s to the blocklist to try and prevent the login attempts.
You can also enable a feature such as a CAPTCHA to prevent bots automatically performing the login attempts.
Best Wishes,
AshleyForum: Reviews
In reply to: [All-In-One Security (AIOS) – Security and Firewall] Would recommendHi,
Thanks for the review!
Do let us know what improvements you would like to see, we are continuously improving the plugin and monitoring user feedback.
As for making use of a third party tool such as AbuseIPDB this is on our internal development list but we currently have no ETA on it’s implementation.
Best Wishes,
AshleyHi,
We had someone report this to us recently and when we looked into it we found the conflict was between the AIOS salt feature and WP STAGING Optimizer mu-plugin.
The salt feature generates random strings to be added to the end of the existing WordPress salts these are added via the ‘salt’ filter these strings are cycled on a cron.
So when the page loads the salts with postfixes are used to generate the nonces, but then when a WP STAGING action runs with the Optimizer option enabled it disables AIOS.
This means when the code then tries to check the nonces they no longer match as the postfixes are not loaded any more, because the ‘salt’ filter in AIOS can’t run to add them.
Best Wishes,
AshleyHi,
Can you share the contents of your user agent blacklist and details of how your testing it?
We have had no other reports of this not working and testing locally this appears to work as expected for me.Best Wishes,
AshleyHi,
Sorry about the delay.
In the past we have had issues where users had .htaccess features turned on, but they did not work on their server.
So by turning it on they had unknowingly blocked them selves from accessing their own site, but the feature did not work so they did not notice anything.
Then when we upgraded the rule from htaccess to PHP so that it works on all servers they were suddenly locked out.
To prevent this we started to temporarily turn the features off.
So you will want to turn the features on, then in another browser device check you can still access your site, if you can then theres nothing more to do.
Best Wishes,
AshleyHi,
You will need to turn the captcha settings off from the database.
These are found in {prefix}options table by default this would be wp_options
The options you want to change is:
aiowps_default_captcha
You want to set it’s value to “none”
If you can some how deactivate the plugin when it’s installed this will also clear the database options for you, removing it via FTP or similar won’t run the uninstall code.Best Wishes,
AshleyHi,
Are you using some sort of browser autofill or an addon that is automatically filling the form with your credentials and submitting without allowing you to input your TFA code?
Or there could be a plugin conflict, do you have any other plugins installed that you know are also running on your login pages/forms.Best Wishes,
AshleyHi,
What settings have you got active and what happens when you are blocked?
Are you shown a message or redirected somewhere else?
Best Wishes,
AshleyHi,
It sounds like your WordPress install does not have permission to write / edit files on the filesystem.
Could you speak to your host and ask them to give the needed permissions.
Best Wishes,
AshleyHi,
Can you ask your hosts to check your PHP error log and share that here via a service like pastebin please?
Best Wishes,
AshleyHi,
If your having an issue with the plugin then please open a support request, where one of our developers will be more than happy to help you.
Best Wishes,
Ashley