chandelierrr

Hi @spidrweb,

Thanks for your patience here!

We’re happy to inform you that we’ve deployed a fix for this in version 2.1.4. Could you let me know if updating to the latest version resolves the logs view for you?

Hi @ellejg,

Glad you reached out!

It sounds like there is an issue with how Solid Security interacts with this particular site’s configuration during the prefix change, given that you have tried the DB prefix change feature before and only encountered a problem this time.

Quick thinking on the backup creation and this is something we also recommend before running this feature each time, so if you want to try again make sure to have a backup ready.

Other things I’d suggest would be:

• Ensure that your database user has the correct permissions to make changes to the database.?You may check this with your host if unsure.
• Clearing all sorts of caches (server cache -> CDN cache (if you use it) -> plugin cache -> browser cache) before and after running the tool.
• Disabling most of the Solid Security features before running the tool.

Hope this helps, and let us know how it goes.

Hi @baldguy,

Glad you reached out.

You’ll want to enter the User Agent String, so please use the one you’re seeing on the logs: Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)

Let us know if this works.

Hi @blue2shop,

Glad you reached out.

It looks like there is something on your site that’s causing the custom login URL to not work because these two URLs seem accessible:

• https://wagner.bluezwei.at/wp-login.php?itsec-hb-token=wplogin
• https://wagner.bluezwei.at/wp-login.php?itsec-hb-token=wplogin&action=lostpassword

Can you try resetting your WP Permalinks and clear all sorts of caching (server cache -> CDN cache (if you use it) -> plugin cache -> browser cache) and see if the problem goes away?

If not, kindly check your .htaccess or NGINX configuration if there is a redirect rule that should be adjusted.

Please also try to check if the issue persists when deactivating the other plugins and switching to a default WP theme, as this would help narrow down whether the issue is due to a conflict.

Let me know what you find.

Hi @juanporzio,

Glad you reached out.

It looks like an issue with your site’s email delivery system and not with Solid Security. I’d recommend troubleshooting the email functionality using our guide here.

Hope this helps!

Hi @richard0marlowe,

Glad you reached out!

The option to require users to use Two-Factor Authentication is only available in the Pro version.

Thanks!

Hi @richard0marlowe,

Glad you reached out!

While there isn’t a specific filter for modifying that message, you can try using the output buffering method to capture the login page’s output and modify it before it’s displayed.

For example, you can add this to your functions.php file:

function modify_solid_security_2fa_text() {
    ob_start(function ($buffer) {
        return str_replace(
            'An Authentication Code has been sent to the email address associated with your account. Look for an email with', 
            'Your custom message here. Instead, please check your inbox for',
            $buffer
        );
    });
}
add_action('login_head', 'modify_solid_security_2fa_text');

Note that this method can sometimes affect performance, so you’ll want to check if your site is prone to heavy traffic, although most times the overhead is minimal.

Hope this helps!

Hi @alphablossom,

Glad you reached out.

That error indicates that Stripe cannot verify your website’s SSL certificate for some reason.

To resolve, can you please ensure your SSL certificate is valid and publicly accessible? You can use tools like sslshopper.com to verify this, and also confirm with your hosting provider.

Another areas you can check to troubleshoot this further are:

• Confirm whether Stripe can access your?https://yourdomain.com/.well-known/apple-developer-merchantid-domain-association URL.
• Adjust any security settings or firewall to allow access or whitelist that URL and any requests made to .well-known.
• Verify that your domain is configured to your Stripe account’s Settings > Payment Methods > Apple Pay?settings.

Let us know how it goes!

Hi @captgoodhope,

The Create payment?button in Stripe is only enabled if a customer has saved a payment method during checkout or in their My Account area (if registered as customer of the site).

So, you can only create a payment for customers who choose to save a payment method to their accounts/profiles. If no payment method is saved, a manual charge isn’t possible. See the tooltip here.

Our team recommends looking into WooCommerce’s?Paying for Orders?feature instead of manually creating payments in Stripe. This way, StellarPay will be able to link the payment with the Woocommerce order so when it’s created, you can send the customer an email to pay for order instead of using Stripe.?

Could you let me know if this works for you?

Hi @captgoodhope,

Glad you reached out!

To make sure I understand you correctly, can you confirm if you’re looking for the ability of Stripe API to create a new Stripe Customer object during checkout in order to store customer profiles for future payments?

If that’s the case, StellarPay does create a Stripe Customer account for all transactions (including guest checkout). Here’s a sample created account after a user checked out without a WP account.

If this is not the feature you’re looking for, could you please clarify what additional functionality it is?

Thank you.

Hello,

I hope the previous information was helpful. Tracking notifications on this forum can become tricky over time, and since we haven’t received a response, I’ll mark this post resolved.

If you still require further assistance, feel free to open a new support topic, and we’d be happy to assist.

Thank you!

Hi @marowi,

Glad you reached out!

I’m afraid we don’t plan to provide an option to add exclusions for the Disable PHP Execution options in Solid Security. You may read this thread for more clarity on this: https://www.ads-software.com/support/topic/enhancing-plugin-functionality-implementing-exclusion-feature-for-user-specifie/.

Thank you for understanding, and let me know if you have further questions.

Hi @flippertricks,

Glad you reached out, and thanks for linking that old thread!

I handled that case previously and while it was resolved for that user after an update, I was able to kind of replicate a similar issue on my test environment and find ways to resolve it.

Can you try following the steps in this thread??https://www.ads-software.com/support/topic/old-url-showing-on-the-site-scan-report/. Basically, you’ll want to remove any remaining old scan data from the website.

Let me know if it works.

Hello,

Tracking notifications on this forum can become tricky over time, and since we haven’t received a response, I’ll mark this post resolved.

If you still require further assistance, feel free to open a new support topic, and we’d be happy to assist.

Thank you!

Hi @poppydev, apologies for the slow turnaround here! We’ve been kind of busy bees in SolidWP the past week.

First, I’d like to clarify that the “Active Lockouts” section only show temporary active lockouts that have happened within 15minutes. So if you’re viewing that section and the active lockout time has passed, it won’t show up there anymore. Still, it’s viewable via the Security Logs.

As for the conflict with FS Poster plugin, it looks like the issue isn’t due to its IP address not being whitelisted within Solid Security, but instead, due to its feature of needing to execute a PHP script within the WP Plugins folder.

If you have the Disable PHP in Plugins?setting enabled in?Security > Settings > Features > Advanced > System Tweaks – PHP Execution?the conflict occurs. To resolve it, you need to deactivate this setting within Solid Security. See the similar thread here: https://www.ads-software.com/support/topic/i-can-no-longer-use-the-fs-poster-plugin/

Let us know if this works!