Manni02

Great thanks for the update ??

Hi Gerroald,

That’s great, thanks for confirming I didn’t miss something and for filing the request.

I can see that we can block entire networks, but that’s marginally useful for spam referrers because they tend to be different entities.

If you could add to the request the ability to sync automatically to a list of known referrers, such as the list I linked to in the OP, whether community maintained or Wordfence maintained, it would be great as it would take away the need to update that list manually, saving more time and making the process more efficient.

Given that wordfence does such a great job at updating threats in real-time, it would be great if it would be the case for spam referrers too.

It’s easy to do as the plugin I mentioned in the OP does it, and it could be a feature unlocked for paid subscribers (I have purchased WF).

Thanks for considering this, and keep up the good work!

Best,

Manni

• This reply was modified 5 years, 2 months ago by Manni02.

Any chance to get a comment on this from the team? Thanks.

Just to confirm the above.

I had left the scan type to “high sensitivity”, a similar URL was spotted in the log and gave a critical issue, but it wasn’t reported when I switched the scan type to “normal”.

So the plugin is behaving as expected, with a few false positives when “high sensitivity” is selected, but no suspicious URL reported from the log in “standard”.

Just to follow up on this, I just realized that my scan type was set to “high sensitivity”, which might have triggered the false alarm about the log file.

I set it like this after install because I was under quite a few brute force attacks and wanted to make sure that nothing was left out when the site was first scanned. Then I forgot and left the settings like that. It’s only after a while that it flagged the URL in the log.

I can’t be 100% sure but I think that if the setting had been on “standard”, this log entry would probably not have been flagged. It would be expected for “high sensitivity” to come up with a few false alarms such as this one.

I’ll move it back to standard now, but I just wanted to update you as the plugin might be working just as intended.

Hi Dave,

Thank you very much for the quick reply.

Great, that puts my mind at rest. ??

It might be a good idea to exclude the logs from the scans, or at least bring the status down from “critical” to something less extreme in the report, especially when the only positive comes from a log.

However, I’d rather get a false positive than miss a real one, so it might be fine the way it is.

Thanks again,

Manni

Thanks for the reply.

Yes, I have one question. Is there a way to make the 2FA work only when using the wp-login.php? That way admins could use the standard WP-Login to login with 2FA, and standard users can use the theme-my-login page without 2FA.

The problem is that at the moment, as soon as a single user enables 2FA, the TML login is broken for all users, not just admins.

Yes, the group attribute addition works as expected, that’s what I meant in my post above when I said thanks for implementing the group feature in the form ??

Just to confirm the issue is fixed in your latest release, and a huge thanks for implementing the group feature in the form, it works perfectly!

Keep up the good work, just leaving positive feedback as a small thank you.

That’s great, thanks!

I can confirm that if a testimonial has been left by a user (and not created by the admin) it’s not possible to select a group while editing the testimonial. You can select, but the selection isn’t saved.

However, if we select a group ID and check the testimonial(s) we want to add to that group, then the change is saved.

Looks like a right issue in the testimonial edit screen, because the change is saved fine if I’m editing a testimonial I’ve created myself as an admin.

Apart from this little bug, a simple request:

Could we add group=”x” to the form shortcode so that a testimonial is automatically added to the correct group as it’s typed by the user? That would make the process easier, as we could have a different page for each group of testimonial to be added.

Thanks for a great plugin by the way!

Thank you so much! ??

Thanks, I didn’t know that as the author plugin replied directly here last time I had an issue, but it was with the free version then.

I have the same error after update to the latest version. I had to revert to my backup to get the site back on line.

You can delete or rename the updater folder in the plugins directory using filezilla or similar to get your site working again until the devs fix this.

Installed 2.0.5 on my two websites and the two outstanding issues (list of tickets not appearing on the tickets page and link to get to the tickets in the dashboard in the email sent to the admin after a new ticket is open) seem to be resolved.

Well done, and thanks for fixing this so quickly.

Regards,

Manni