EllsWeb

Hello, No, I’m not gone, just busy.

Actually, I need something I can upload large files with. I have settings via server php.ini of 1000mb. I have set the memory to 256mb and then to 500mb and with either setting, the plugin takes all the memory.

I have tried this both with local install and with hosted install and it doesn’t matter. Yes, I have taken everything back to default. And it has the same problem.

I have since gone on to use Gravity Forms. It doesn’t give me the multiple complicated steps to set up, there is no issue with memory and I have the option to upload using chunks, which I don’t see with your plugin. You can close this topic because I won’t be using your plugin. Thanks

Oh, and I am on a dedicated server, there is no shared hosting issue. Just thought I would throw that in just in case that gets brought up. Cheers.

I apologize for not following up on this thread. I didn’t receive an email notification of your response. However, the way it was done a month ago, your site did require me to sign up.

I have since uninstalled the plugin and won’t bother installing it again. I have found an alternate source for scanning.

Thanks for your response though. I appreciate it.

I agree, an updated video would sure be nice. The install procedure on the video is way outdated. Just in case you hadn’t noticed. The plugins don’t have an install on the right side of the admin anymore. And seldom does WP ask for ftp unless there is an issue with the host.

I didn’t get much further than that because it is obvious the video is outdated, and going to youtube, the video was uploaded three years ago. You updated the plugin when?

I can talk with you about this issue if you would like.

Where does the plugin check for possible files? sql isn’t a normal file for WordPress. And with phpmyadmin allows sql. Do I have to convert an sql file before I can import or do I need to upload the sql file somewhere for the plugin to find it?

It’s a shame such a nice plugin is unreliable with multisite. Is there any plan to make the plugin compatible with multisite?

@lemoreno,

you are right when it comes to them wanting you to upgrade membership to get support. Recently on their forums, you see most of the “free” support being asked to upgrade to get better support.

They claim you can get free support, but @robert62 on almost all threads recently has been urging people to upgrade. So, free support isn’t available here as @robert62 has made the requirement for you to go to their site and ask for support there. Once there, you will probably be asked to upgrade.

I wouldn’t mention it, but Simon, the Dev. has said on here before that they don’t try to make you upgrade. I think things have changed a little. But don’t take my word for it. Try it..

If WP Symposium hasn’t changed the way it handles users (I haven’t tried lately), WP Symposium should inherit all users from the WP Database. You shouldn’t have to import them as they are already there.

Any update on working with multi-site?
Sure would be nice to be able to use with multi-site.

I forgot to mention, the installs are on linux centos server, now windows.
Any help out there?

Thinking about what might be considered individual site control such as maybe a site dashboard menu item, one could consider placing a dashboard item to give the individual site certain amounts of control over their site.

One item I would consider of value would be allowing a site admin the option to protect the login area or the dashboard area using 6scan. A couple or a few check boxes would accomplish that if you want to give that option. I wouldn’t concern myself with whether or not a site admin should have the ability to scan files, UNLESS some sites might offer frontend uploading of files or even backend uploading of files on an individual site. In those cases, I would presume it wise (if files are scanned) to allow a site admin the option to scan uploaded files.

But other than that, I don’t see where there is a need for any site admin to need to scan files relating to the installation of any plugin, theme or core files of the network. I hope I said that so that it is understandable.

But I would reiterate the fact that site admins do not upload plugins or themes, there is no allowance for that in WordPress. All theme and plugin uploads as well as installations are done in the network admin section (as are the editing of plugin and theme files) via the network admin “editing” menus respectively to themes and plugins.

If there are multiple networks allowed on a multisite install, there is still the fact that only the Super Admin uploads and installs themes and plugins. All options for selection of plugins and themes available on a network are under the control of Super Admin (or Network Admin) and unless the Super Admin makes another user a Super Admin of the network there is only one Super Admin.

That’s my understanding anyway. I hope that helps.

I don’t know all of what 6scan does. I can’t use it on my multisites so I didn’t get really deep into it. I usually read as much as I can about those things, but I haven’t with 6scan.

The description says it is more in line with protecting sites from hackers and exploits, so I would think it is more for protection from someone trying to do something to your site or network.

What I do know is 6scan would have to be able to scan the database to determine how many sites there are and what they are so that it can protect the static login pages from malicious attempts to access and damage the network.

However, it is my understanding that a breach in one subsite wouldn’t give a hacker access to the network unless the network admin account is hacked. They might damage a subsite, but not the network. In that case, the Network Admin should have something set up to require harder passwords and encourage usernames that aren’t easy to guess.

Although, some bots can find usernames by scanning the source of some sites.. It all gives me a headache trying to figure out all of what security has to do to protect a site.

But, multisite isn’t as fluid a configuration as what the questions raised above imply. There are different configurations, but they all pretty much function the same way. Even the difference between subdirectory subsites and subdomain subsites is still a manipulation of the database, it’s just knowing how that manipulation works. The structure is still basically the same. WordPress creates the illusion of a subdomain install and it creates an illusion of subdirectory installs (based on the choice made at initial configuration of the network). It’s all still the same files. No extra directories full of seperate installs.. it’s all one install.

Of course, I could be way out in left field in my understanding, but that is what I have been able to figure out.. lol

Hi 6Scan,

Taking points as presented.

Only Super Administrators can modify plugins. Subsites do not have that functionality. I don’t believe there are any configurations of multisite that allow for subsites to have access to files. Attempting to produce a plugin that allows for that, would actually override the functionality of WP Multisite and would create massive security issues no matter how it is applied.

If a site admin wants to fix a vulnerability in a plugin, they would have to communicate with the Super Admin to accomplish such a task. The Super Admin runs the network. The Super Admin is responsible for such changes and if a fix was something relating to security, and the site admin didn’t like it, well… then maybe the site admin might want to consider creating their own network. Can you imagine what would happen at wordpress.com if site admins had the ability to determine which changes were to be made to plugins? I will tell you.. They would be reminded that self hosting is an option.

Last, it seems you are attempting to factor in things that are completely outside the scope of multisite configurations. If you put all your “if’s” aside and deal with WP Codex and that alone, that would be a major step in the right direction.

Why try to put in all of those “if’s” into consideration, when we all know they don’t apply to WP Multisite?

Super Admins have that control, nobody else. And nobody else should have that control. If there is a security issue with a setup, your software should handle that at the Super Admin level, not any other level.

Let the Super Admins administer the network.
The way it is now, even Super Admins don’t have the ability to scan their sites with your software. IF there is a way to do what all of your “if’s” suggest as possibilities, then I would understand your argument. But, the reality is, you attempting to create all the roadblocks that do not exist, only makes your job harder.

If a site admin wants to come to you and ask for a functionality that WP doesn’t allow, you can just as easily tell them that isn’t possible and that they should talk with their Network Admin regarding such things. And if they don’t want to do that, then they can administer their own network.

Multisite is not that difficult to understand. There is a Network Admin (which is the Super Administrator). The responsibility for the network rests with that administrator. It’s that simple. And that’s the way WP has set it up. Until they change it, let’s just go with their program and work with the new way of doing things “IF” that ever happens.

[edit]

You might consider looking at Wordfence and the way they set up their plugin. Their plugin is a network activated plugin. It creates a network admin menu item (nowhere else) and when a scan is done, it is done from the network dashboard, nowhere else.

That is where your plugin should reside, since all files are scanned from one place and should only be scanned from one place. If code exists on a subsite that was allowed by a site admin, the alert would show up in the scan available to the Network Administrator. And the correction process would then be initiated based upon the Network Administrator’s own discretion.

A plugin like this, with all the knowledge required to take care of security, I’m surprised, especially as long as multisite has been out, that they drag their feet on implementing such compatibility.

I’m not sure I would want it on my site if it’s that hard for them to make it multisite compatible.

In most configurations, all of the files are accessible from the base site. All other sites use the same files it’s just handled differently with the database. So, it shouldn’t really be that hard. Activate on the base site and scan, all sites (but the coding checks for multisite and if multisite is found, it just echos out that it’s not multisite compatible).. Of course, I don’t have a clue what I’m talking about… lol

Thank you…
It seems you have fixed this issue.. Great plugin..

I didn’t have to deactivate plugins I did switch to 2012 theme and saw the issue wasn’t there with that theme. I checked the theme I am using “Catchbox” and I found (under #branding) the use of z-index: was set at 9999. I changed that to 9 using the custom css and the problem is corrected.

Thanks for pointing the css out. I have so many things whurling around in my head working on this project, I forgot to look at that.

Thanks again for your quick responses. This issue is fixed.