misselenat

I’ve actually created a custom plugin and reinstalled the latest WordPress version – your code works like a charm. Thank you @highlandmoss!

Thank you very much, I will try that next time there is an update!

You are right about having to do this each time a WordPress update is available, let’s just consider this a workaround until a better solution comes up.

I’m wondering if there is a way to prevent this value from being overwritten by updates, the same way you can prevent a file belonging to a theme from being updated by putting a copy of the modified file in the theme’s child folder (the child folder always has priority, provided the active theme is the child one of course).

I will try and see if I find a solution, meantime I’ll just manually change the value after every WordPress udpate.

• This reply was modified 8 months ago by misselenat.

My website had the same issue, even though the size of the autoloaded options was around 800kb. After deleting some parameters (belonging to already uninstalled plugins) from wp_options (inside PHPMyAdmin), I changed the file size limit to 900kb so as to prevent the message from appearing.

I found the line 2648:

    $limit = apply_filters( 'site_status_autoloaded_options_size_limit', 800000 );

in wp-admin > includes > class-wp-site-health.php and simply changed 800000 to 900000.

If the size of your autoloaded options exceeds 1MB, I would address the issue first by removing any old parameters from wp_options inside PHPMyAdmin (make a copy of the database before deleting anything, of course).

Hope this helps!

• This reply was modified 8 months, 1 week ago by misselenat.

P.S. I had already left a review more than 1 year ago, with 5 stars of course – it’s a pity I can’t write another one, so I encourage everyone who is enjoying this plugin to take a moment to express their appreciation! ??

Hi Iulia,

Thank you very much for working on the issue!

I have just updated the plugin and it looks like everything is working fine again, just like it used to. I have tested it both “normally” and incognito on my browser, and each time the login page appeared in less than a second. I also used a different browser and tried typing the URL on my mobile phone – everything works like a charm.
I will let you know in case I notice anything strange, but it really looks like you have solved the issue!!!
Thank you so much for your help. I will leave a positive review and 5-stars rating right away!

Have a great evening,
Elena

Hi Iulia,

Thank you very much for your reply and for your help.

Here are the details you requested:
PHP version = 7.4.16
WordPress Version = 5.7.2

I’m not using Cloudflare or other CDNs.

Please let me know if you need any other information. I’d be glad to help fix the issue, so if you come up with a possible solution and want me to test the plugin on my website before releasing a new update, just let me know.

Thank you again for looking into the matter!

Best Regards,
Elena

Today I was finally able to get a new API key. I suggest you write to [email protected] telling them your domain and admin e-mail, so that they can send one to you.

I am having the same issue.
My website is up and running: https://elena-t.com

Same here. I have just migrated my website to a different hosting, and since then I am getting the message you pasted, with that very IP (not mine, either).

Oh my! Windows 98? My first computer had Windows 98SE, but it’s been 19 years since then! I wouldn’t have imagined anyone was still using it ?? Not to mention IE!!

I personally use the latest versions of Firefox and Chrome (which are also very useful when it comes to debugging a site or identifying the proper CSS to edit to modify its appearance), but I honestly don’t know about my visitors (I stopped using Google Analytics a few years ago). Anyway, let’s hope no one is still living in the early 2000s and people have decent browsers and o.s. ??

I’m okay with the orange bar if it doesn’t mean I will get a B in about a week, although I understand your point that GoDaddy should be a little less lazy. I know there are better hosting providers out there, I chose the cheapest one (I had discount codes) as I’m not making any money through my website, so it’s just there to showcase my work. When my current plan expires (which should be in 2023) I will certainly look for other alternatives and keep in mind the information you have so kindly provided me with.

You have been incredibly helpful and I’m happy to tell you that all 3 Recommendations have disappeared from my Sucuri dashboard!!!
If it weren’t for you, I wouldn’t have known hot to fix this security issue: now it’s not only fixed, but I also understand much more about its meaning and importance.

Thank you once again so very much for your time, kindness & help: you’ve been a true angel!

• This reply was modified 5 years, 2 months ago by misselenat. Reason: spelling
• This reply was modified 5 years, 2 months ago by misselenat.
• This reply was modified 5 years, 2 months ago by misselenat. Reason: Late night here, I've made a few spelling mistakes!

I don’t mind at all! I wouldn’t have known what to do without your help ??

I contacted GoDaddy upon reading your message, but it looks like my server already supports TLS 1.2. The PHP Info seems to confirm it, and I see it shows in the Qualys SSL Labs Server Test, too (I’m honestly not sure it was there last night, maybe it wasn’t and Godaddy fixed it when I contacted them?): please see here.

Anyway, I still see the orange bar, so I was wondering if this is just a general information because my server still supports TLS 1.1 (although it also supports 1.2), or if I should take this notice like a friendly reminder that TLS 1.0 and 1.1. should not be supported starting February 2020, as in “this may be a security threat”.
Could you please help me understand if my server should NOT support older TLS versions by the end of January, or if it’s okay if it does, provided it also supports TLS 1.2 (which it does)? I hope it makes sense! ??

I will keep an eye on the relevant security sections you have highlighted, making sure they don’t change. Thank you for instructing me!

Also, thank you so much for appreciating my photography ??
I used to shoot with a film camera when I was a child (my camera wasn’t remotely as cool as the Kodak Instamatic, of course), but a good 99% of my photoalbum were pics of my cats. When I started taking photographs as a “serious” hobby the digital era had already begun, so I guess it was easier for me to learn through trial & error, without having to spend a fortune “developing my mistakes”! ??

Wow! Thank you so much for taking the time to explain this to me, including the changes you have recently made. I have updated my .htaccess accordingly and, although the “blue bar” hasn’t disappeared in the new test (screenshot here), I’m sure this version of the code is better and will be useful for other users having problems similar to mine, too.

Thank you also for mentioning the .htaccess syntax test site, I gave it a try right away and it said everything was OK. I will make sure to use it everytime I make changes to said file, for extra peace of mind ??

I will keep checking the Recommendations section and let you know if anything changes.

Again, thank you so much for everything!

Success! It says A+ now and the green line confirms Strict-Transport-Security is active!

I scrolled and verified it says “yes” at the bottom, too.

Thank you so much for your help!!!

Now I hope the first 2 Recommendations will go away in the next few days. As for the third one, since you still see it on the websites you manage, I guess it’s really an issue with the plugin. Have you tried reporting it, or do you feel like it’s not worth it?

• This reply was modified 5 years, 2 months ago by misselenat.

I’ll give it a try now and let you know if it says ‘Yes’ when tested ??

I already got an A when I tested earlier without the Strict-Transport-Security setting on, but apparently I did that just in time to see the top mark – the result says: “This server supports TLS 1.1. Grade will be capped to B from January 2020”. I guess I’ll have to see into that as well, although I have very basic SSL needs for my site.

So I’m changing the .htaccess top lines to what you suggested and running the test again.
In a few minutes we’ll have a response, at least for the Strict-Transport-Security issue.

Thank you again ??