Forum Replies Created

Viewing 8 replies - 16 through 23 (of 23 total)
  • Forum: Plugins
    In reply to: [Media Vault] NGINX Support

    The nginx config below works – once MV is completely activated. But I can’t figure out what nginx config is needed to pass the MV test which enables the complete activation. I fooled MV into complete activation by running on Apache – then I switched to nginx.

    If the author would fully describe the tests that are used to fully enable, then I will try to create the nginx config that satisfies them.

    # Media Vault Rewrite Rules
    
    # RewriteRule ^wp-content/uploads(/_mediavault/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L]
    rewrite ^/wp-content/uploads(/_mediavault/.*\.\w+)$ /index.php?mgjp_mv_file=$1 last;
    
    # RewriteCond %{QUERY_STRING} ^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$
    # RewriteRule ^wp-content/uploads(/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L]
    if ($args ~* "^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$")
     {
    	rewrite ^/wp-content/uploads(/.*\.\w+)$ /index.php/?mgjp_mv_file=$1 last;
     }
    # Media Vault Rewrite Rules End
    Thread Starter flymike

    (@flymike)

    Thanks for that. I confirmed that the database backup includes wp_options.
    So I wrote a quick plugin to dump the unserialize of get_option(‘simplyexclude_v2’) and found the version on the target was smaller than the source (presumaby my recently added settings were missing).
    Then I noticed that the old version key ‘simplyexclude’ was also in wp_options, so I deleted (actually renamed) that key. Repeated the backup and restore sequence, and… ALL IS WELL!
    I can’t explain this – but I would like to leave the old version key deleted. Is there any dependency on it in 2.0.6.1?

    Thread Starter flymike

    (@flymike)

    form#registerform>p:first-child

    will select a child of the identified form which is a paragraph and is also the first child.
    It’s not perfect, but it will accomplish your goal and is certainly more selective that just p:first-child. And, most importantly, it will fix my problem ??

    Thread Starter flymike

    (@flymike)

    I did not say it was all over the site. The primary problem is the registration page, where my other plugins are inserting paragraphs, and some of those paragraphs are being hidden because they are first-children of other elements.
    It is your css selector which is too broad. It will hide every paragraph on the registration page which is the first child of another element. Is that really what you intended?
    Yes, I’m using v2.5.3.

    Thread Starter flymike

    (@flymike)

    This intrusion has recurred – this time on the current version, 3.1.1.
    The hacker logs in (validly) as subscriber, creates a post – which should have gone into Pending Review state – then immediately updates the post as Administrator to Published state. The access log is below. Both of the logins were with the Subscriber username (my site records all logins with username and IP).
    I can’t figure out how this hacker is getting Administrator privilege.

    83.28.5.21 - - [25/Apr/2011:09:26:57 -0700] "POST /wp-login.php HTTP/1.1" 302 969 "https://sarasotasailingsquadron.org/wp-admin/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
    83.28.5.21 - - [25/Apr/2011:09:26:59 -0700] "GET /wp-admin/post-new.php HTTP/1.1" 200 38080 "https://sarasotasailingsquadron.org/wp-admin/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
    83.28.5.21 - - [25/Apr/2011:09:27:03 -0700] "POST /wp-admin/post.php? HTTP/1.1" 403 1639 "https://sarasotasailingsquadron.org/wp-admin/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
    83.28.5.21 - - [25/Apr/2011:09:27:07 -0700] "POST /wp-login.php HTTP/1.0" 302 1094 "-" "Snoopy v1.2.4"
    83.28.5.21 - - [25/Apr/2011:09:27:09 -0700] "POST //wp-admin/ HTTP/1.0" 200 30707 "-" "Snoopy v1.2.4"
    83.28.5.21 - - [25/Apr/2011:09:27:12 -0700] "GET //wp-admin/press-this.php HTTP/1.0" 200 31442 "-" "Snoopy v1.2.4"
    83.28.5.21 - - [25/Apr/2011:09:27:14 -0700] "POST //wp-admin/press-this.php?action=post HTTP/1.0" 200 31671 "-" "Snoopy v1.2.4"
    83.28.5.21 - - [25/Apr/2011:09:27:23 -0700] "GET / HTTP/1.0" 200 69061 "-" "-"

    Thread Starter flymike

    (@flymike)

    my mistake; 3.04 on Jan 4, not 3.05

    DBC Backup v1.1 was working perfectly on WP 2.9.1 until 3 weeks ago. Then it stopped doing daily backups.
    Reading the code on dbcbackup-options.php, I don’t understand how it ever worked. I’m hoping someone can explain it:

    dbcbackup-options.php calls wp_schedule_event with the 2nd parameter = ‘dbc_backup’. But wp_schedule_event requires the 2nd parameter be how often the event should occur, and the value be one of ‘hourly’, ‘twicedaily’ or ‘daily’.

    How did this plugin ever work?

    Thread Starter flymike

    (@flymike)

    it transpires that the php-xml RPM had to be installed on the (Fedora) server.

Viewing 8 replies - 16 through 23 (of 23 total)