kiikiikii

Well, that’s exciting to read! I’ll definitely upgrade to a paid plan when it releases. ??

Ah, I understand now. I was attempting to create “Patreon”-like tiers, where someone could purchase a monthly membership. I was trying to create a single product with multiple monthly subscriptions/tiers and Surecart wasn’t allowing it.

So I created two separate products, one for $3 and one for $5. Surecart I guess has no idea these two products are related, so how can someone upgrade/downgrade from them in the first place? Makes sense.

Am also looking for an Invisibility option of some kind. I’d like to protect my pages from bots without forcing real users to undergo the captcha, if possible.

Still waiting to hear back from support. Thanks!

Thank you for hearing us out, Emre! (just to let you know, I bought a license earlier today!)

Can’t wait to see the update, a fast website is a happy website. ??

I would love to see a version of @tofandel’s fix applied, every millisecond counts and if there are extra / unnecessary calls to Cloudflare when it can be done in one call, then it should be looked into.

Hi, I’m not affiliated with WPBruiser support, just wanted to comment.

If you aren’t using Cloudflare, you can use it for free to help fight off stuff like this. Here’s a few guides specifically for WP:
https://www.kazimer.com/how-to-protect-wordpress-with-cloudflare-firewall-rules/
https://turbofuture.com/internet/Cloudflare-Firewall-Rules-for-Securing-WordPress

Almost all of your settings are gated behind the paywall. I’m not talking about two or three really premium features. Anything basically other than enabling it and adding it to the site is a paid feature. I don’t know if it’s changed since I used it months ago but judging from the recent posts here, it hasn’t.

If you want to make a premium product then make a premium product but don’t advertise it as Free and post it on WP.org if you’ve gated 95% of features / options.

That fixed it! Thank you so much.

Changing the Strict Transport Security option off didn’t help but you’re right, I found a ton of blocked images/ errors (these aren’t all of them, just a few):

Refused to load the image '<URL>' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:".

admin.php?page=wc-addons:1 Refused to load the image 'https://d3t0oesq8995hv.cloudfront.net/add-ons/[email protected]' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:".

admin.php?page=wc-addons:1 Refused to load the image 'https://d3t0oesq8995hv.cloudfront.net/add-ons/[email protected]' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:".

admin.php?page=wc-addons:1 Refused to load the image 'https://d3t0oesq8995hv.cloudfront.net/add-ons/[email protected]' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:".

admin.php?page=wc-addons:1 Refused to load the image 'https://d3t0oesq8995hv.cloudfront.net/add-ons/generic.png' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:".

admin.php?page=wc-addons:1 Refused to load the image 'https://d3t0oesq8995hv.cloudfront.net/add-ons/generic.png' because it violates the following Content Security Policy directive: "img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:".

• This reply was modified 5 years, 2 months ago by kiikiikii.
• This reply was modified 5 years, 2 months ago by kiikiikii.
• This reply was modified 5 years, 2 months ago by kiikiikii.

I did.

Yes
SAMEORIGIN
Set to “1”
Samesite=Lax
No
1 Year

• This reply was modified 5 years, 2 months ago by kiikiikii.

Yep, if I disable Ninja I can see the images in my dash.

I set it to SAMEORIGIN just now and it’s working. Thanks so much.

Hey thank you for the response.

The firewall didn’t record anything but I disabled this option:
“Set X-Frame-Options to protect against clickjacking attempts”
And it loaded just fine.

Hey thanks. I was hoping there was some css or jquery solution I hadn’t thought of.

I just didn’t want to rely on a plugin for this feature like I’m doing now. Thanks though.