CKxion

Same issue on two sites.

My kind web host identified the issue for me and renamed the plugin.

It appears I had old version. I updated the plugin but it now seems to work with the revised folder name all-in-one-wp-security-and-firewall-bak

I assume it will be OK, but would prefer the original name, renaming file returns me to the same issue.

Any comments from developers would be appreciated.

ColinK

You are still a superstar, but I spoke to quickly about my resolution.

The error message has gone away and gallery is displaying, but the image with category Deleted is still being returned.

Let me clarify my logic, incase I was not clear.

I have an image with category sml-full-length – it displays OK

I add the Category Deleted (without removing sml-full-length – as I might want to use it again if the item comes back into stock).

Now with both tags it is still returned.

To make it not appear in gallery I have to remove the sml-full-length tag

Assuming I am doing things correctly I am assuming you can recommend different Syntax, however a workaround might be to change the code to recognise a Deleted Tag

Thanks CKxion

You are a superstar!!

Sorry for delay in getting back to you.

The only difference between my code and your example above was the ellipses.

I removed those and get the same error output. To double check I deleted my code and copied and pasted your code into the Text tab. I also copied to Notepad first and confirmed it was all on one line.

The previous simpler code you recommended is still working fine on the same site.

You kindly offered to investigate further. I would appreciate that.

Ckxion

Yes – mentioned above. See screenshot.

Please clarify the following:

My ISP tells me the 1 IP that I get at least 2 X lockout notifications per day about has not visited the server in weeks.

They tell me I can verify this by searching for the IP in the raw access logs. I have done this. IP not in log.

Is my ISP correct about raw access logs?

If so, then settings in plugin are irrelevant, IP is not attempting to login and lockout notifications are false.

If my ISP is incorrect than I need to show them some access log to prove this.

Note – again: immediately after lockout notification I check locked out IP’s – which is zero.

Hi
Thanks again for your help. I have made an attempt but get an error which seems to be similar to “Magic Quotes”

This is the code I entered:
[mla_gallery type="default" size="medium" tax_query="array( 'relation' => 'AND', array( 'taxonomy' => 'attachment_category', 'field' => 'slug', 'terms' => array( 'sml-full-length' ), ), array( 'taxonomy' => 'attachment_tag', 'field' => 'slug', 'terms' => array( 'deleted' ), 'operator' => 'NOT IN', ), ), )" ... ]

Differences between this an your example:
type=”default” size=”medium” (but also tried without it)
cat1 changed to the actual category slug sml-full-length

The deleted tag does exist in my tags

Error:
ERROR: Invalid mla_gallery tax_query = ‘array( \’relation\’ => \’AND\’, array( \’taxonomy\’ => \’attachment_category\’, \’field\’ => \’slug\’, \’terms\’ => array( \’sml-full-length\’ ), ), array( \’taxonomy\’ => \’attachment_tag\’, \’field\’ => \’slug\’, \’terms\’ => array( \’deleted\’ ), \’operator\’ => \’NOT IN\’, ), ), )’
I am assuming the \ is the issue, I see lots of references online, most seem to relate to older WP and suggest adding code to functions.php or footer.php

I am reluctant to change core code if not necessary.

I have tried:
Copying to Notepad then to WP
Copying directly to WP
Manually deleting and replacing ‘ with the keyboard

My site spec:
PHP Version: 5.3.29
WordPress Version: 4.3.1
Genesis Version: 2.1.2
Dynamik Version: 1.9.1
Font Awesome Version: 4.4.0

Your further help would be appreciated.

I think I did what you wanted – abandoned other thread and consolidated here.

Developer reply would be appreciated.

I believe I have set everything you asked in this post and previous post.

Just got a lockout notification – same IP

Nothing in the locked out IP list

Nothing in the plugin logs

Nothing in the raw access logs on cpanel.

Ghost notification?

Thanks

They are both the same site and the same “reported” login attempts, but different issues.

One thread relates to how the hacker is getting to the login page / xmlrpc the other is about what the plugin is not reporting – therefore I felt it was better to have 2 threads for clarity – but you are the boss so I will consolidate here.

It would be helpful if you could answer the questions below:
1.
Irrespective of whether I have a custom login url and pingbacks blocked (which I have) Assuming I have an IP blacklisted should I get an email notification giving a username that was used in an attempted login? I would have assumed that if the IP is blocked if I were to receive any notification it would just tell me the IP attempted to access – the username would be irrelevant. If no notification |I would expect to see it in the security log.
1b
On a side note – when the plugin sends a notification would it be useful if admin could find what password was used (maybe in the email or in the security logs) – this would identify if the user has fond a relevant password (or one of my passwords from somewhere else) and is just using the wrong username.

2.
If the plugin is posting lockout alerts should something be always posted in the security logs – irrespective of other settings like ‘bug tracking turned on?

3.
Is there a known issue where the plugin sends false lockout notifications (after a genuine one)? If not known then I believe this needs looked at.

I have received notifications at least once a day, most days for the past 2 weeks relating to one IP.

However:
My ISP confirms the IP did access the server about 2 weeks ago, but nothing for the past 10 days. I have checked the raw access logs back to 29 November and the IP does not show.

10 minutes after receiving a lockout notification yesterday I logged in and no IP was locked out.

4.
Is it possible to apply a setting where an IP is locked out for specific reasons (or after a specific number of attempts) that the IP is permanently locked out – rather than the current short period an hour I think)?

I have ping back vulnerability checked and rename login URL checked.

Should I get lockout notifications relating to username?

I am getting lockout notices for 1 IP once or twice per day.

My ISP is telling me the IP has not accessed my site. The IP is not in the raw access logs. The lockout notices continue.

What next?

On the brute force tab I have custom login url set

This is not a Brute force attack. It is single login attempts, at least once a day from one IP.

I have the users IP in the blacklist manager.

Is WPsolutions saying that security logs record nothing unless Enable Debug is ticked? I have now ticked it.

There only seems to be one log in File Systems / Host System Logs – the log is named error log and has nothing since 2014

Have I done everything suggested above.

It does seems strange that all of the above needs to be done to get these logs to record anything: wp-security-log-cron-job.txt: wp-security-log.txt:

Thanks for your prompt reply.

I tried that on another site – still get lockout reports.

You have not clarified what cookie based brute force does or does not do.

You have missed several points in my post.

If I have it active should there be any way in which the hacker can access the login fields either via a url or xmlrpc?

I do not see the benefit of cookie based brute force.

Please clarify what I should expect / not expect regarding lockout notifications cookie based brute force active.

I should have added – if you can suggest a more suitable alternative plugin(s) that will give me a gallery + lightbox + social sharing – please do.

Back to my example 3a above

Thanks for pointing out the importance of the slug – my error was because I was using the Tag Name

[mla_gallery attachment_tag=’MY-TAG1,MY-TAG2′ tax_operator=”IN” mla_alt_shortcode=gallery type=”rectangular” mla_alt_ids_name=include]

However I think I mis-understood the description in the Documentation.

The above returns images that have tag1 OR tag2

I want to return only images that have BOTH tags. (AND)

Assuming that is possible could you suggest the correct syntax.

========
Related
If it is possible to return images in a specifc category + tags I woudl appreciate seeing the syntax eg Cat1 AND Tag 1

Thanks

Is it possible to set to disable xmlrpc pingbacks but add wordpress.com jetpack in the whitelist? If so what do I need to enter in whitelist settings?