psamathe

Where is “notifications Push/Pull”. Can’t find it antwhere (never knowingly enabled it). Found “Automatically Feed News” but it’s always been off.

Does LiteSpeed randomly check web sites as although it happens to run LiteSpeed web server, there is no reason for contact beyond any other web site in the world.

So does LiteSpeed do this to all web sites because it checking is a regular thing?

Information for yourselves/developer about the Wordfence blocking the plug-in saving the settings for V3 plug-in. Looking through the logs it looks like the reported issue was
https://example.com/wp-admin/admin.php?page=litespeed-page_optm and was blocked by firewall for XSS: Cross Site Scripting in POST body: media-placeholder_resp_svg=%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20width%3D%22%7Bwidth%7D%22%20height%3D%… at https://psamathe.net/wp-admin/admin.php?page=litespeed-page_optm

Just info to help anybody looking into the issue (I’ve changed the name of the domain as I noticed a lot of BOTs seem to “home in” on a website address published on this (and other) forums).

Let me know what and when.

I’m very reserved about installing plug-ins (because so many don’t seem to tidy-up properly) and I’m not (currently) a Slack user. But happy to help get things sorted if I can without too much software installation/registration.

As V3 is completely changing loads of unrelated settings all over the place (like the CSS Minify, CSS Combine, JS Minify, JS Combine, Generate Critical CSS, etc. (enabling loads of stuff I’d have to go through every setting to see what it’s enabled and re-test the site to see if any of the options it’s changed have broken it (e.g. CSS Combine and JS Combine to break the site).

I’ve reverted to pre-V3 and interestingly on revert the settings also reverted. So I’m not particularly confident in the V3 plug-in so maybe safest to stay pre-V3 at the moment.

And WordPress (my site) has just sent an e-mail

Since WordPress 5.2 there is a built-in feature that detects when a plugin or theme causes a fatal error on your site, and notifies you with this automated email.

In this case, WordPress caught an error with one of your plugins, LiteSpeed Cache.
…..

I can’t save settings – Wordfence is blocking it as an “unsafe transaction”.

The update to V3 has trashed all the settings as now (apart from the “combine” settings having become re-enabled, “Generate Critical CSS” has also become r-enabled.

I’ve got to revert back as I can’t switch-off the functions that V3 has re-enabled

And now if I try and reset things and press “Save” Wordfence security

403 Forbidden
A potentially unsafe operation has been detected in your request to this site, and has been blocked by Wordfence

So I can’t reset and save the correct settings. I’m getting frustrated by this plug-in (sorry but I have other stuff to do today).

It looks like the update to V3 messes-up the settings as I just got V2 settings working with my site (which requires CSS Combine to be “OFF”) and updated to V3 and the Page Optimisation settings have it set back ON

Back with V3 <latest release> and it’s still asking for a domain key

New Report: SJRXDJPC (created after updating to latest release plug-in)

If I re-install V3 of the plug-in will it still be giving warnings about domain keys everywhere (not just on the LS Cache pages.

Better if it didn’t give any warnings if the CDN is not enabled, but currently on latest pre V3 plug-in and I don’t like not keeping up to date but also I don’t want warnings about stuff I don’t want/need all over WordPress Admin areas (which is how I noticed it to begin will).

LKSFUEPV

But I’m changing settings at the moment to try and get the CSS/JS combine/minify settings working again.

Report number and date are both blank.
I pressed “Automatically Install” and it went and install a new plug-in I have absolutely no knowledge about. and I hate new plug-ins as quite a few don’t clear out wp-options on remove and it just gets bigger and bigger and now I’ve got to go check what this unknown plug-in has done! (Whilst I’m now spending ages getting the site caching back properly set.

In fact whatever has messed with the settings has disabled all the optimisations I had previously set and had assumed would stay set!

e.g. CSS minify, CSS combine, JS minify, JS combine, HTTP/s Push, etc! something has reset them all!

No CDN, no Image Optinisation. Can’t see “Low-Quality Image Placeholder” setting but all the lazy load/media stuff is off.

Switched off CCSS ages ago as it broke my site. But I now see that whilst “Load CSS Asynchronously” is OFF, “Generate Critical CSS” and “Generate Critical CSS In Background” have reverted to “ON” – both these should have no effect as “Load CSS Asynchronously” is OFF?

At some point something has been changing my settings but I can see no reason why I should be needing a QUIC.clod domain key.

(LiteSpeed access to my servers is blocked anyway because at least some are running on Digital Ocean and they are a nightmare source of hack attempts (continual) so Digital Ocean AS number is completely blocked.