Simba

Stripe & Paypal

No, as I said I already dismissed the notice.

This may have been related to the other issue I had. The solution to that was to explicitly declare woocommerce support in my theme. Without that declaration certain functions appeared to not execute at all, and I wonder if that could be why the SSL test failed.

Yes absolutely. All the sites I manage are either HTTPS only or force redirection to HTTPS.

I thought maybe it was caused by the redirection so I tried a full page refresh a few times but it kept reporting falsely until I dismissed it.

I use some fairly strict SSL settings to get an A+ rating, here they are in case it helps:

`
## SSL Configuration ##
ssl_certificate /etc/ssl/mycert.crt;
ssl_certificate_key /etc/ssl/mypriv.key;
ssl_session_timeout 5m;
add_header Strict-Transport-Security “max-age=63072000; includeSubdomains; preload”;
add_header Content-Security-Policy upgrade-insecure-requests;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_buffer_size 8k;
ssl_session_cache shared:SSL:30m;
ssl_dhparam /etc/ssl/dhparams.pem;
ssl_stapling on;
resolver 8.8.8.8;
resolver_timeout 10s;
ssl_stapling_verify on;
`

I found the issue, I had to uncomment add_theme_support(‘woocommerce’), which I had been lazy about declaring before as it had never previously mattered.

btw @johndcoy “Happiness Engineer” is a cool job title.

• This reply was modified 6 years, 10 months ago by Simba.
• This reply was modified 6 years, 10 months ago by Simba.

@mihche I’ve been responding to your E-mails and you claim you aren’t getting them. Check your spam folder? I really need to get this fixed.

@mihche Okay I have done that, I appreciate your help.

With the CF7 extension installed the password recovery form is broken. With CF7 extension disabled it works again.

The only errors I see in the logs are the ones I provided.

I am also confused!

Did your bot spam go from 0 to 500 per day?

Maybe your records are wrong.

@pumpaxxl the foolishness of the European lawmakers is in their presumption that people are entitled to anonymity on the internet. They aren’t. When someone connects to my server I’m going to collect all the information I can about them, in case they behave badly. And in case of those who do, I will use that information to track them down and notify the most appropriate authorities. Thankfully I’m American and the EU can’t do anything about that.

Protecting consumer privacy is important, but a good law cannot be crafted by fools, and that is what happened with the GDPR.

@chris_c I appreciate your response.. courts sometimes make the wrong decisions, which is why we have a chain of appeals (I don’t know how EUs system works I imagine it’s similar?). IANAL and I don’t have time to review that particular case but the only circumstances where an IP could be rationally considered private data is when it’s bundled with information about browsing habits _on other websites_. Everything that takes place on your own equipment is information which belongs to you, just as all the behavioral and identifying data gathered from a guest spending time in your home would belong to you.

It’s unreasonable to expect a site operator to blind themselves to the connection details of machines which connect to their network. It’s like making an outgoing phone call, the person being called has a right to know who is contacting them. That information is not privileged or private, and in fact it’s essential to record it for security purposes. This will surely prove to be covered under the GDPRs various vague and broadly worded exceptions.

Again, IANAL. I am, however, a network engineer.

• This reply was modified 6 years, 10 months ago by Simba.

FWIW, IP addresses by themselves are not private information regardless of what GDPR or any other law says. Nobody is entitled to that level of anonymity.

• This reply was modified 6 years, 10 months ago by Simba.

I’ve attempted to contact you through your site repeatedly and have not received a response, this is an urgent problem for me can you please help? I’m forced to disable the contact form extension because it’s breaking my password recovery form. As a result I’m getting a ton of bot spam.

I’m probably your biggest fan and I recommend your plugin to literally everyone. Don’t make me look like a fool. ??

I am also having this issue. This post is 4 months old, Debian 9 is the new stable version of debian and includes PHP7 by default so a response on this topic would really be appropriate.

After doing a bit of testing I have determined that the WP-Bruiser plugin is causing the issue. I only use that plugin on production sites so that explains why my development site is working.

I have contacted the folks who develop that plugin.

PHP5 remains the “official” version in use on Debian 8 which is still in wide use globally.

PHP7 is the “official” version in use on Debian 9 which was only released a few days ago.