yesyeah

Moving to footer worked for me. Why hasn’t this been addressed by the author?? There are probably a ton of people who don’t even realize their entire menu is non-existent – which can destroy engagement… this post is almost FOUR months old!

Found it deep in settings.

• This reply was modified 3 months, 1 week ago by yesyeah.

So silly – they made an update that totally ruined the formatting. Should be an easy fix.

Sorry, didn’t even see this reply (didn’t notify me).

I appreciate this info greatly. Yes, something is quite odd because:

a. I have recaptcha on the sign in page (and failed login attempts continue)
and
b. I changed the login link via a plugin (so it’s different from /wp-admin/) and THAT didn’t help.

BOTH of those together didn’t help.

AND even putting a directory password on the /wp-admin/ doesn’t work!

So I’m losing my mind.

I have considered disabling XML-RPC but concerned it could remove functionality / affecting the site. Is there a way to run something to determine IF in fact there’s an integral piece of the site that would be affected if we turn that off?

I appreciate your help – this site is getting hammered and I’m not sure what else to do.

Thanks for your response!

Will review more (I have already read that blog – thanks) – I have changed to some of your recos already, but I will add this:

1. The usernames are OLD usernames that were on the site but haven’t been for a long time, why is that? How are these usernames found?

2. Recaptcha is enabled and doing absolutely nothing to help.

3. If we wanted to block all attempts outside of the company (since they are all coming from outside the US) would the premium version be needed for that?

Thanks.

First, thanks for your continued replies and help, greatly appreciated!

The first time I tried that – I cleaned the cache and all the errors went away. However, a few days / week later or whatever it was, we got the notification that the scan picked up another 300+ errors so they were back. I can’t say I have cleared cached and tried this several times to see how common it is, but I’m doing it now and if you can keep this thread open and let me try it out over a week or so, that would probably be best in order to track / monitor it.

I just cleared cache and am scanning again right now (last scan had no related errors) so we’ll see.

I just ran a manual scan and it didn’t come up.

But I will also say that in the past when I saw them all there, I cleared cache ran the scan and they were gone. But ultimately, they came back again.

Thoughts?

That’s hysterical. ?? Ok, thanks.

2 Quick Questions:

1. What’s odd though is this NEVER came about until WP Rocket was used and “index-https.html” was tacked on to the end. Why all of a sudden?

2. If they are false positives, should I officially “Ignore” them all and if so, how do I ignore all 300+ of these in bulk?

Thanks!

@wfphil
Thanks. Emailed you yesterday.

Thanks @ausdamo!

You sent something directly to them and they responded? Did they confirm this was a bug they’re fixing?

Again, appreciate you following up. Hope they commment here as well.

Sorry to hear that but glad it’s not me. ?? Hopefully someone will assist soon. Please share any info you may find on this. Thanks!

[Moderator note: Please, No bumping].

• This reply was modified 3 years, 5 months ago by Steven Stern (sterndata).

Hello: Why is this marked as “Resolved? I asked about a timeline and IF IT’S SAFE TO KEEP THE PLUGIN LOADED BUT DEACTIVATED. I know you had a your other plugin removed as well – the fix on this plugin seems to be taking longer. I’m simply asking if users should fully remove the plugin from their sites, or if leaving it on the site, but deactivated is sufficient. And if the plugin SHOULD be removed, will all data / settings be saved or is there a good way to back things up so they can be restored easily once you guys pass safety testing?

Please advise. Thanks.

Thank you for the update. Is it safe to have the plugin loaded but deactivated? Or should it be deleted from every site?

Thank you kindly, I just sent you a message via the contact form. I appreciate your help!

Can I send more info to you privately without posting it here? It’s for a non-profit organization we are trying to assist.
Thank you.

• This reply was modified 4 years, 3 months ago by yesyeah.