Steven Ayers

@dreamingat30fps I understand your frustrations with contact forms. I use either Contact Form 7, Gravity Forms, or even custom plugins to address these issues (across over 100 sites). These issues surround the environment of contact forms and not so much as a specific plugin. I do think that Contact Form 7 is more prone to breaking when using add-on plugins that were not created by the main plugin author. There are a lot of moving parts in submitting a form and delivering it to someone’s inbox reliably. I have personally logged 100s of hours into a custom plugin (that I do not own) to reduce these said problems and increase the reliability and provide stats…and the majority of our problems still surround contact forms. Unfortunately, it is not a cheap or easy solution to implement (nor a 100% reduction in problems). In conclusion, these problems are cheaper to address by using a free or even paid plugin versus building your own. As you scale your business, you may want to invest in building your own in-house plugin to address the problems you mention as it may reduce the risks involved with using free plugins.

I hope that is helpful,

-Steven

@tycreate I just updated the plugin (Version 0.5.08) and reactivated it and it did not break the site. I did notice that each of my forms were no longer connected via the API. Not sure if that was due to me disabling the plugin or not. To fix this issue, I went to each form in CF7 and then clicked on the ChimpMatic Lite tab. If you see a the API Key marked red, then you will need to reconnect the API Key. I just simply clicked the button “Connect and Fetch Your Mailing Lists” (my API key was already in there) and then reviewed the settings. If everything looks good, update the form.

I hope that helps.

-Steven

Author of WP Security Safe – WordPress Security Plugin

• This reply was modified 5 years, 4 months ago by Steven Ayers.

A new version has been released (0.5.08), which supposedly fixes a bug. I will reactivate the plugin on one site to test. I’ll update this thread with the results.

Thank you for the kind words. I am happy this plugin helped secure your site.

-Steven

@alfonsoborghi,

I’m glad to hear that this fixed your issue. Please write a review of WP Security Safe as this helps support further development of this plugin.

Thank you,

-Steven

@alfonsoborghi,

I have released version 2.2.3 and it includes a bug fix that should solve your login issue. Please update the plugin and clear your cache (if you are using W3TC or Super Cache..etc). Please let me know if this solves your issue.

Also, please review the changelog notes for version 2.2.3.

Thank you,

-Steven

I have found a solution to this issue. I will release a new version of WP Security Safe 10 hours from now. I need to test this solution thoroughly before I release it.

-Steven

I believe I will need to make the plugin compatible with this. The parameters passed with $args will not be able to trigger the nonce field.

Please disable the Local Login feature for now. I will investigate a solution and roll out a new version of WP Security Safe in a day or so. I will comment on this thread once the version is available.

-Steven

You can use the snippet of code below to generate the line of code you need.

<?php wp_nonce_field( ‘login-local-‘ . SECSAFE_SLUG ); ?>

The line of code must get placed within the boundaries of the <form></form> tags for the public login. This means that this code may not get the results you want if you cannot get the _nonce field within the tags. It depends on how that form is being created. If the form is being created by calling a WordPress function or another plugin, then please share that code with me and I will make WP Security Safe compatible with it.

Thanks,

-Steven

@alfonsoborghi,

Thank you for reaching out for support. I am assuming FE user is “Front-End” user. Is this affecting the ‘administrator’ roles or only subscriber and other roles roles? The login form has to include a nonce which is generated by the WP Security Safe plugin. The nonce will be a hidden field that will be checked on every attempt to login. If the nonce has expired (24 hr expiration) or is missing, you will get that error in the logs.

The field will look something like this:
<input type=”hidden” id=”_wpnonce” name=”_wpnonce” value=”68515e239d”>

That value is a unique string that is generated for the purpose of logging in. The value changes for each user to verify that the user is indeed visiting the page before logging in.

How to troubleshoot:

1. Turn on the WP Security Safe local login feature and DO NOT LOG OUT.
2. Open up an incognito window in the browser and visit your login page, which will prompt you to login in that incognito session.
3. Right-click on the form, and inspect element or view the page source. You should find a field with the name of name=”_wpnonce” within the form. If it is not there, the login validation will fail.
4. If it is there, then the value is not coming through properly and failing due to it not matching.

Please try this and let me know what you discover. Be sure to stay logged in in the other session to prevent locking yourself out of the admin.

If you need help troubleshooting this, please add [email protected] as an administrative user and I can login and troubleshoot this for you. If you add me to your website as an administrator, please check the checkbox to notify the user when creating the account. Once this process is done, please delete my account.

– Steven

@df03472,

The problem was fixed in version 1.1.11, but it did not entirely correct the settings issue in the database if your settings were corrupted. Version 1.1.12 detects the corrupted settings issue, deletes the settings and set the initial default settings.

Thank you for helping make this plugin better.

Thanks for using Security Safe,

-Steven

• This reply was modified 6 years, 8 months ago by Steven Ayers.
• This reply was modified 6 years, 8 months ago by Steven Ayers.
• This reply was modified 6 years, 8 months ago by Steven Ayers.

@df033472,

I have released version 1.1.12 and it will automatically detect if your settings are corrupted and fix them. Please update to the newest version.

Also, if your problem gets solved, please reply with what solved it.

Thank you,

-Steven

@df033472,
It sounds like your settings in the database might be messed up. Try resetting them by going to this url while logged in: https://affright.com/wp1/wp-admin/admin.php?page=security-safe&reset=1

Then let me know what happens.

-Steven

These issues were fixed in version 1.1.10.

@df03472,

Thank you for reaching out for help. I have fixed the issues that you were describing. Please update to the newest version.

-Steven