Forum Replies Created

Viewing 15 replies - 1 through 15 (of 40 total)
  • CKxion

    (@ckxion)

    Same issue on two sites.

    My kind web host identified the issue for me and renamed the plugin.

    It appears I had old version. I updated the plugin but it now seems to work with the revised folder name all-in-one-wp-security-and-firewall-bak

    I assume it will be OK, but would prefer the original name, renaming file returns me to the same issue.

    Any comments from developers would be appreciated.

    ColinK

    Thread Starter CKxion

    (@ckxion)

    You are still a superstar, but I spoke to quickly about my resolution.

    The error message has gone away and gallery is displaying, but the image with category Deleted is still being returned.

    Let me clarify my logic, incase I was not clear.

    I have an image with category sml-full-length – it displays OK

    I add the Category Deleted (without removing sml-full-length – as I might want to use it again if the item comes back into stock).

    Now with both tags it is still returned.

    To make it not appear in gallery I have to remove the sml-full-length tag

    Assuming I am doing things correctly I am assuming you can recommend different Syntax, however a workaround might be to change the code to recognise a Deleted Tag

    Thanks CKxion

    Thread Starter CKxion

    (@ckxion)

    You are a superstar!!

    Thread Starter CKxion

    (@ckxion)

    Sorry for delay in getting back to you.

    The only difference between my code and your example above was the ellipses.

    I removed those and get the same error output. To double check I deleted my code and copied and pasted your code into the Text tab. I also copied to Notepad first and confirmed it was all on one line.

    The previous simpler code you recommended is still working fine on the same site.

    You kindly offered to investigate further. I would appreciate that.

    Ckxion

    Thread Starter CKxion

    (@ckxion)

    Yes – mentioned above. See screenshot.

    Please clarify the following:

    My ISP tells me the 1 IP that I get at least 2 X lockout notifications per day about has not visited the server in weeks.

    They tell me I can verify this by searching for the IP in the raw access logs. I have done this. IP not in log.

    Is my ISP correct about raw access logs?

    If so, then settings in plugin are irrelevant, IP is not attempting to login and lockout notifications are false.

    If my ISP is incorrect than I need to show them some access log to prove this.

    Note – again: immediately after lockout notification I check locked out IP’s – which is zero.

    Thread Starter CKxion

    (@ckxion)

    Hi
    Thanks again for your help. I have made an attempt but get an error which seems to be similar to “Magic Quotes”

    This is the code I entered:
    [mla_gallery type="default" size="medium" tax_query="array( 'relation' => 'AND', array( 'taxonomy' => 'attachment_category', 'field' => 'slug', 'terms' => array( 'sml-full-length' ), ), array( 'taxonomy' => 'attachment_tag', 'field' => 'slug', 'terms' => array( 'deleted' ), 'operator' => 'NOT IN', ), ), )" ... ]

    Differences between this an your example:
    type=”default” size=”medium” (but also tried without it)
    cat1 changed to the actual category slug sml-full-length

    The deleted tag does exist in my tags

    Error:
    ERROR: Invalid mla_gallery tax_query = ‘array( \’relation\’ => \’AND\’, array( \’taxonomy\’ => \’attachment_category\’, \’field\’ => \’slug\’, \’terms\’ => array( \’sml-full-length\’ ), ), array( \’taxonomy\’ => \’attachment_tag\’, \’field\’ => \’slug\’, \’terms\’ => array( \’deleted\’ ), \’operator\’ => \’NOT IN\’, ), ), )’
    I am assuming the \ is the issue, I see lots of references online, most seem to relate to older WP and suggest adding code to functions.php or footer.php

    I am reluctant to change core code if not necessary.

    I have tried:
    Copying to Notepad then to WP
    Copying directly to WP
    Manually deleting and replacing ‘ with the keyboard

    My site spec:
    PHP Version: 5.3.29
    WordPress Version: 4.3.1
    Genesis Version: 2.1.2
    Dynamik Version: 1.9.1
    Font Awesome Version: 4.4.0

    Your further help would be appreciated.

    Thread Starter CKxion

    (@ckxion)

    I think I did what you wanted – abandoned other thread and consolidated here.

    Developer reply would be appreciated.

    I believe I have set everything you asked in this post and previous post.

    Just got a lockout notification – same IP

    Nothing in the locked out IP list

    Nothing in the plugin logs

    Nothing in the raw access logs on cpanel.

    Ghost notification?

    Thanks

    Thread Starter CKxion

    (@ckxion)

    They are both the same site and the same “reported” login attempts, but different issues.

    One thread relates to how the hacker is getting to the login page / xmlrpc the other is about what the plugin is not reporting – therefore I felt it was better to have 2 threads for clarity – but you are the boss so I will consolidate here.

    It would be helpful if you could answer the questions below:
    1.
    Irrespective of whether I have a custom login url and pingbacks blocked (which I have) Assuming I have an IP blacklisted should I get an email notification giving a username that was used in an attempted login? I would have assumed that if the IP is blocked if I were to receive any notification it would just tell me the IP attempted to access – the username would be irrelevant. If no notification |I would expect to see it in the security log.
    1b
    On a side note – when the plugin sends a notification would it be useful if admin could find what password was used (maybe in the email or in the security logs) – this would identify if the user has fond a relevant password (or one of my passwords from somewhere else) and is just using the wrong username.

    2.
    If the plugin is posting lockout alerts should something be always posted in the security logs – irrespective of other settings like ‘bug tracking turned on?

    3.
    Is there a known issue where the plugin sends false lockout notifications (after a genuine one)? If not known then I believe this needs looked at.

    I have received notifications at least once a day, most days for the past 2 weeks relating to one IP.

    However:
    My ISP confirms the IP did access the server about 2 weeks ago, but nothing for the past 10 days. I have checked the raw access logs back to 29 November and the IP does not show.

    10 minutes after receiving a lockout notification yesterday I logged in and no IP was locked out.

    4.
    Is it possible to apply a setting where an IP is locked out for specific reasons (or after a specific number of attempts) that the IP is permanently locked out – rather than the current short period an hour I think)?

    Thread Starter CKxion

    (@ckxion)

    I have ping back vulnerability checked and rename login URL checked.

    Should I get lockout notifications relating to username?

    Thread Starter CKxion

    (@ckxion)

    I am getting lockout notices for 1 IP once or twice per day.

    My ISP is telling me the IP has not accessed my site. The IP is not in the raw access logs. The lockout notices continue.

    What next?

    Thread Starter CKxion

    (@ckxion)

    On the brute force tab I have custom login url set

    This is not a Brute force attack. It is single login attempts, at least once a day from one IP.

    I have the users IP in the blacklist manager.

    Is WPsolutions saying that security logs record nothing unless Enable Debug is ticked? I have now ticked it.

    There only seems to be one log in File Systems / Host System Logs – the log is named error log and has nothing since 2014

    Have I done everything suggested above.

    It does seems strange that all of the above needs to be done to get these logs to record anything: wp-security-log-cron-job.txt: wp-security-log.txt:

    Thread Starter CKxion

    (@ckxion)

    Thanks for your prompt reply.

    I tried that on another site – still get lockout reports.

    You have not clarified what cookie based brute force does or does not do.

    You have missed several points in my post.

    If I have it active should there be any way in which the hacker can access the login fields either via a url or xmlrpc?

    I do not see the benefit of cookie based brute force.

    Please clarify what I should expect / not expect regarding lockout notifications cookie based brute force active.

    Thread Starter CKxion

    (@ckxion)

    I should have added – if you can suggest a more suitable alternative plugin(s) that will give me a gallery + lightbox + social sharing – please do.

    Thread Starter CKxion

    (@ckxion)

    Back to my example 3a above

    Thanks for pointing out the importance of the slug – my error was because I was using the Tag Name

    [mla_gallery attachment_tag=’MY-TAG1,MY-TAG2′ tax_operator=”IN” mla_alt_shortcode=gallery type=”rectangular” mla_alt_ids_name=include]

    However I think I mis-understood the description in the Documentation.

    The above returns images that have tag1 OR tag2

    I want to return only images that have BOTH tags. (AND)

    Assuming that is possible could you suggest the correct syntax.

    ========
    Related
    If it is possible to return images in a specifc category + tags I woudl appreciate seeing the syntax eg Cat1 AND Tag 1

    Thanks

    Is it possible to set to disable xmlrpc pingbacks but add wordpress.com jetpack in the whitelist? If so what do I need to enter in whitelist settings?

Viewing 15 replies - 1 through 15 (of 40 total)