Vijay Padiyar

Thanks a lot @wfalaa! Appreciate your response.

Well that may be true generally but there are small website owners who may have two WordPress logins – one admin and one non-admin. The admin login is used sparingly only when there is a need to make any configuration changes or WordPress updates etc., whereas the non-admin login would be used for routine logins to check statistics, logs, etc. It would be helpful to see the Wordfence logs (IPs blocked, login history, etc.) with the non-admin login itself.

For such cases, Wordfence could consider providing a configuration option to enable the dashboard widget for non-admin users. This option would be disabled by default to retain the legacy behavior, but it could be enabled if required. This would avoid the need to frequently use the admin login (security risk!!) just to see the Wordfence logs.

Regards

Vijay

• This reply was modified 6 years, 10 months ago by Vijay Padiyar.

Yes I finally managed to determine how the unknown user accounts were being created. The hacker had added a PHP script to my WordPress wp-admin directory which allowed them to view and add/remove WordPress accounts directly into MySQL. I removed that file and also changed all my passwords (MySQL database, WordPress and cPanel).

Facing the same issue. No change in theme. In my case a plugin (Anti-Spam) got updated from version 4.1 to 4.2. And that’s causing this error message because W3TC minify module is still looking for the old .js file (anti-spam-4.1.js) which obviously no longer exists. The odd thing is this plugin was updated over 2 months ago and yet I’m still getting this error!

Same issue with me as well. RSS feed is empty.

Also one more issue. Pagefrog uses the WordPress URL and not the site URL while generating the feed URL. This results in an invalid feed URL generated for those who are running WordPress in a subfolder and not in the root folder. This too needs to be fixed.

Never mind, I resolved this by using Pagefrog AMP plugin which has a “Force AMP compliance” option which automatically removes unsupported tags, resources, etc. from AMP pages.

Here’s an image of the BackWpUp job log: https://imgur.com/i8nPEoq

This URL is the current example:

https://answers.microsoft.com/en-us/mobiledevices/forum/mdnokian/camera-quality-has-dropped-after-belle-update-on/93e24165-7736-4906-bfe8-922df7762376

There was a 302 redirect issue a few weeks back but that was fixed in 24 hours. But BLC continues to show the URL in Redirects tab. See this image: https://s30.postimg.org/4u83ccbo1/redirects.png

Hmm you are right it seems :). I tried logging in from a different browser and the problem is not seen. I then cleared the history for my site on my regular browser and the problem disappeared there as well. Sorry for the trouble!

Hi Janis

The link I pasted has both the images. Click on “Second Image” at the top to see the second image that has the plugin version.

The problem is not restricted to the “Redirects” section. Even the “All” section has the problem. It’s not a caching issue as I have not enabled caching for the WP admin section.

Regards

Vijay

Yes I am using 1.10.7 on WordPress 4.2. See the images which show the plugin version as well as the problem described by me: https://imgur.com/cqDLpBN,rGTO78C

Thank you for the prompt reply, Ryan :). Yes I am aware of the option and I have now disabled it. What I am asking is, can this option not be disabled by default? This is because from my experience I can vouch that it is very hard to trace down the page design distortion to this particular Jetpack smiley setting, because the smiley is not easily visible except upon close inspection.

Thank you. Would be really useful as it would save us the time of going to the BLC logs page to check the same.

Thanks guys! You’re awesome :).

I have fixed the issue in 0.9.3. Details are in this post: https://www.ads-software.com/support/topic/some-css-files-not-getting-minified?replies=3#post-4662905