Simon

Thanks @dannycooper,

I’ve tried disabling all plugins except “Disable/Remove Google Fonts” and “Mega Menu Plugin for WordPress” (theme uses it) and set the “Site Title” font family in the Passionate Pro customizer.

It loaded any font I select from fonts.gstatic.com…

P.S. I’m fine with my workaround, as we’re not using Roboto anymore on the live site and everything is working as expected.

How to update to the fixed version 1.2.1 (because WP is hard down):

1. Log into webserver and delete wp-content/plugins/accordion-blocks folder
2. Log into WP admin
3. Reinstall Accordion Blocks plugin

Check your webserver log, as there might be some errors logged.

In my case, the directories were created with 644 permissions (missing ‘x’) and then creating the .htaccess file failed during fopen() and the temp directories were not cleaned up.

Setting the correct default ACL for the uploads directory (owned by the webserver’s user) solved the issue for me:

setfacl -R -d u::rwx uploads
setfacl -R -d g::rwx uploads

Now, the temp directories are created with 754 permissions, which allows the malware scanner to complete.

• This reply was modified 6 years, 2 months ago by Simon.

So far, my updated custom patterns have kept out almost all spam.
Also, since 4 days, the spam waves seem to have gone down.

Hm.. Indeed all Spam comments feature mail.ru and gmail.com addresses.

According to the dashboard widget, some spam is detected, but since over a week, I get quite some comments that go undetected and are clearly spam.
(WP 4.7.1, latest ASB)

• This reply was modified 7 years, 10 months ago by Simon.

Hi Chris,

The “BBCode is spam” option in Antispam Bee should have marked those comments as spam, because the links are created with BBCode url tags (as used in forums, but no WP comment forms, which is probably why WP doesn’t mark it as spam on its own).

Did you have “BBCode is spam” deactivated or did the feature miss those and 100+ similar comments? Then that’d be a bug.

Also, you can enable the “Use regular expressions” which has already predefined hooks may catch similar spams (not exactly those posted with ‘.co.uk’ domain and ‘gmail’ address, but detects ‘.com’ + ‘gmail’).

Greetings,
./Simon

Hi Chris,

Could you post some samples of spam to pastebin (linked by Jan)?
Maybe the using a RegEx pattern hook might be a solution?

Greetings,
./Simon

Can you post the headers of one of the mails from Hotmail’s spambox (and put it it code tags)?
Then maybe someone can start helping you. The reason for it being considered SPAM is often listed in there.

What I heard about in the past few weeks is that Hotmail is picky about rDNS (IP -> Domain Name) entries not matching the mail server’s settings.

Proposal to fix this issue in PR#193.

Disclaimer: This option shouldn’t be activated on sites within the EU as complete IP addresses will be sent unencrypted. However, that’s somewhat inevitable as spammer databases themselves work with full, unencrypted IP addresses.

I just tried something manually: ASB could (maybe optionally) connect to https://www.stopforumspam.com/api?ip=91.186.18.61 (an example from the SFS page) instead of http://www.stopforumspam.com/api?ip=91.186.18.61.

At least that would take care of the ‘unencrypted IP adresses’ part.

Update: On the regular expression part, I recommend a function hook as described in this gist: https://gist.github.com/sergejmueller/4242142. I’ve been using this sucessfully for over a year now (specific to the kind of spam my wife’s blog gets):

function antispam_bee_add_custom_patterns($patterns) {
	// Pattern for phony author names.
	// Fun Fact: The last one is 'Prada' in Japanese.
	$patterns[] = array(
		'author' => 'moncler|north face|vuitton|handbag|burberry|outlet|dress|maillot|oakley|ralph lauren|ray ban|iphone|プラダ'
	);

	// Pattern for phony web pages.
	$patterns[] = array(
		'host' => '^(www\.)?fkbook\.co\.uk$|^(www\.)?nsru\.net$|^(www\.)?goo\.gl$|^(www\.)?bit\.ly$'
	);

	// Pattern for text containing strings like 'targetted visitors'.
	$patterns[] = array(
		'body' => 'target[t]?ed (visitors|traffic)'
	);

	return $patterns;
}

The problem is that in qtranxf_front_header_css_default, it calls qtranxf_flag_location, which uses WP_CONTENT_URL to generate the URL. As that is the setting (Settings > General > WordPress Address (URL)) usually set for the non-HTTPS version, the flags are referenced with https:// and loaded over an unsecured connection.

The solution I found was replacing WP_CONTENT_URL with content_url() (qtranslate_core.php, line 522), which accounts for the protocol used to show the page.

Update: I just noticed I get the same mixed-content error in the admin section from the flags on the top right. The above fix also takes care of those.

Thanks for your response, Gunu.

Unfortunately, I have the same behavior with beta 3.3.8: Whenever I save an article again, the (empty) English version gets empty paragraphs (copied from the text editor).

<p>?</p>
<p>?</p>

Steps I just tried:

1. Open single-language post in editor & save without changing anything – adds empty p to English
2. Switch to English tab and remove the above paragraphs
3. Switch back to German tab & save (everything is well here)
4. Click save button again with out doing anything – creates a new revision and adds the two empty paragraphs to the English version

I think WordPress might also be adding paragraphs, but I can’t seem to find the setting for that..

Update: I found the culprit: It’s TinyMCE Advanced‘s option

Stop removing the <p> and <br /> tags when saving and show them in the Text editor

When I uncheck that option, the empty English part will stay empty.

This file was created on my server when I downloaded the IP2nation database (NewStatPress > Tools > IP2nation).

As long as this file is present in that directory, NewStatPress shows it as ‘Last version installed: 18/02/2015’ with an ‘Update’ button.
When I delete the sql file, it shows ‘Last version installed: none’ with the ‘Download’ button.

I’m not sure how this file is used, all I can tell is that it didn’t create the two tables mentioned in the SQL file in my WordPress database..

I export my pictures from Lightroom via SFTP and once had the case (2 years or so ago) where a newly uploaded picture had the same name as an existing one and all of a sudden, an old post showed a new picture. ??

To clean up, I

• re-uploaded the original picture to the same folder, overwriting the new one again
• imported the metadata of the mixed up image
• recreate the thumbnail
• (not sure about this) delete the NGG cache to clear mixed up dynamic images
• changed my file naming pattern to include the original name and the date, so this would never happen again.

Also when I’m uploading new pictures and before adding it to an article, I notice that for example it looks too dark, I just upload the same picture again (SFTP) and recreate the thubmnail. Works fine.

Not sure about the gallery upload UI, I never use that.