ZicPL

@sorddel Thank You for Your private message and I’ll already comment on discussion.

@forge12 I was reinvited to speak. 1st of all, thank You for finding time to discuss this feature. You’re right that recoding the “DuplicateKiller” plugin to Your “Captcha for WordPress” wouldn’t be legally compliant with GDPR. I didn’t mean identical create cookies (This already makes it non-GDPR compliant). My request to You was: Verify the field (subject, email, phone, etc. – depending on what the user selects) against its UNIQUE VALUE and TIME, but NOT based on cookies (as is done in DuplicateKiller), but based on the IP address (look at Your “Blacklisted Texts” function).
Using “Blacklisted Texts” in Your plugin You can check whether a banned word has appeared.
Why not check if the form subject checksum (we don’t need to know the subject if it’s against anything) isn’t the same one sent 2 minutes ago from the same IP address?

I hope that now I’ve expressed myself precisely and I’ll be understood.
ps. Writing to me about the feature doesn’t make sense because the deciding person is @forge12

kind regards,

• This reply was modified 1 month ago by ZicPL.
• This reply was modified 1 month ago by ZicPL.
• This reply was modified 1 month ago by ZicPL.

The changing name doesn’t actually cause my problems now. Maybe I had something with cache set incorrectly. In any case, it’s good to know that this function name won’t change in the future. To prevent future misunderstandings, briefly clarifying that the name change does not impact cron operations might be helpful (on plugin setting tab).

@forge12
Thank You for Your quick feedback.
I tested it and the comments are added correctly (so far I’ve only tested with one Honeypot protection).

Thank You for finding time for the feature I proposed. I’ve been wondering for a long time whether to write this request here because I didn’t want to be demanding. I’ve reviewed Your previous support topics and now I know that I wrote to the right person. Your plugin (is GDPR compliant) is based on linking the IP address to the user, which I consider more effective than a cookie (clearing browser data eliminates cookies). I decided that comparing the same fields based on the IP database (Your plugin already has this) would not require a large cost of Your work – otherwise I wouldn’t bother You with this feature. It’s possible that part of the code responsible for checking and comparing fields (if they are unique) from the “Duplicate Killer” plugin can be used in Your plugin.

Do you agree with my opinion?
I’ll allow myself to leave the topic open until the functionality is created or rejected, ok?

Hi,
I gave up on above point no.1 but in 2 I found another plugin that focuses on the IP address and together with this plugin it completely protects me from spam : https://www.ads-software.com/plugins/captcha-for-contact-form-7/

Thank you for quickly fixing the bug ??
I’ a’m very happy with Your support and I decided to give the best rating. I’ a’m not closing this report topic because I believe that You and Your team will positively evaluate my suggestion. I’ wi’ll be happy to test the plugin when it gains the suggested features.

we are in touch

Sorry I’m just replying. I missed the email notification..

Following Your instructions, I added Your code in wp-config.php and after following the steps, WP created “debug.log”. This file contains:

[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$days is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 81
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$type is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 82
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$slug is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 83
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$rating is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 84
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$message is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 85
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$link_label is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 86
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$cap is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 87
[10-Jun-2024 15:56:44 UTC] PHP Deprecated:  Creation of dynamic property WP_Review_Me::$scope is deprecated in /home/horbacze1/domains/horbaczewski.info/public_html/wp-content/themes/author/inc/review.php on line 88
[10-Jun-2024 15:56:45 UTC] PHP Fatal error:  Uncaught TypeError: call_user_func_array(): Argument #1 ($callback) must be a valid callback, class "DFWP" not found in /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/class-wp-hook.php:324
Stack trace:
#0 /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()
#1 /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/plugin.php(517): WP_Hook->do_action()
#2 /home/horbacze1/domains/horbaczewski.info/public_html/wp-admin/includes/plugin.php(828): do_action()
#3 /home/horbacze1/domains/horbaczewski.info/public_html/wp-admin/plugins.php(211): deactivate_plugins()
#4 {main}
  thrown in /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/class-wp-hook.php on line 324

Before disabling Your plugin, I run the “developer tools” from my browser and saw in the console:

GET
https://horbaczewski.info/wp-admin/plugins.php?action=deactivate&plugin=disable-feeds-wp/disable-feeds-wp.php&plugin_status=all&paged=1&s&_wpnonce=dc2327ad39
[HTTP/2 500  1247ms]

Additionally, I am pasting the Apache error log from my DirectAdmin (the control panel for my hosting account provided by my shared hosting provider) below:

2024-06-10 16:59:32.053647 [NOTICE] [802195] [T0] [127.0.0.1:59436#APVH_www.horbaczewski.info:443] [STDERR] PHP Fatal error:  Uncaught TypeError: call_user_func_array(): Argument #1 ($callback) must be a valid callback, class "DFWP" not found in /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/class-wp-hook.php:324\nStack trace:\n#0 /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()\n#1 /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/plugin.php(517): WP_Hook->do_action()\n#2 /home/horbacze1/domains/horbaczewski.info/public_html/wp-admin/includes/plugin.php(828): do_action()\n#3 /home/horbacze1/domains/horbaczewski.info/public_html/wp-admin/plugins.php(211): deactivate_plugins()\n#4 {main}\n  thrown in /home/horbacze1/domains/horbaczewski.info/public_html/wp-includes/class-wp-hook.php on line 324\n

btw. I removed .XML file before generating logs above.

I also see that You didn’t respond to my suggestions for additional features (2, 3 from list 1st of my message) for Your plugin. I directed my request to you for the following reasons:
1. You already have a plugin that addresses the topic of RSS feeds
2. You have the necessary experience
3. There are no plugins that have these features (only one plugin I found https://www.ads-software.com/plugins/staticfeed/ unfortunately it doesn’t work, and if Your plugin offered these features then I wouldn’t need to have so many plugins). Would You share Your opinion on the implementation of these features (do You think You would find the time to implement it)?

• This reply was modified 5 months, 2 weeks ago by ZicPL.

Thank You ??

I’m closing the topic as resolved. The problem isn’t the plugin. The problem is with Cloudflare, which checks PAT, instead of first determining whether the device being verified is Apple. For other devices that don’t have PAT capabilities, ClouFlare shouldn’t trigger this challenge. I don’t want to have errors on my site because I care about maintaining good practices, so I gave up Turnstile protection. I start using another plugin.

@elliotvs
Thank you for finding time for me. I’ve been verifying the problem for a few days.
Looking for help I found this page: https://developers.cloudflare.com/turnstile/get-started/client-side-rendering/
After disabling your plugin and following the recommendations from the page above (see point 1,2) I should close your report but read my post to the end.
1 I added a new field in the comment form (wpdiscuz): <div class=”cf-turnstile” id=”test” data-sitekey=”XXXXXXXXXXX” data-callback=”javascriptCallback”></div>
2. I added cloudlfare scripts in head and footer.
When creating a this Topic in Your support page I didn’t write about all errors (These errors will also be experienced by users of your plugin)

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nw1kq/0x4AAAAAAAavjjc6R_X34qn7/auto/normal

XHRGET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/88e98337ab07bfda/1717520777386/38d33a98139089a730c5b911dda4b413ff2ff4566bed58f6a2d53bd873766310/MPGGCeUuVPcP8Hm
[HTTP/2 401  174ms]
No headers for this request

XHRGET
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/88e98337ab0abfda/1717520777418/6e4b77a46b12c4e7bf76672c7c6904120f60b8a3a323279c2ff3aef8fe6f2651/0HrGPkk72XGtoI- [HTTP/2 401  147ms]

Both XHRs are 401 errors

It is probably related to the “LiteSpeed ??Cache” plugin.
Although I’m not a programmer and my site isn’t commercial (I created it to contact friends) I’ll try to help solve these problems as much as I can. Maybe together we can solve this problem ??

1. I did: I clicked plugin settings -> LiteSpeed ??Cache -> Page Optimization -> JS settings: I switched “Delay JS loading” to disabled;
2. LiteSpeed ??Cache -> Page Optimization -> Tuning: “JS Exclusions” & “JS Deferred / Delayed Excludes” I added:
   challenges.cloudflare.com
cloudflareinsights.com
3. Flush all cache

Unfortunately, this didn’t solve the problem and the errors still there. I started searching the Internet and found an article: https://www.litespeedtech.com/support/forum/threads/problem-with-htaccess-htpasswd-with-litespeed-5-1-17-5-2.15229/

Please let me know what you think and what we can do next

I can’t edit my previous post above, where I forgot to paste the errors (from the console):

GET
https://horbaczewski.info/wp-admin/plugins.php?action=deactivate&plugin=disable-feeds-wp/disable-feeds-wp.php&plugin_status=all&paged=1&s&_wpnonce=6a2f57e3aa
[HTTP/2 500  694ms]

GET
https://horbaczewski.info/favicon.ico

I test my .XML file:
1. RSS Feed Search Check: https://getrssfeed.com/
2. RSS Feed Viewer: https://rssviewer.app/

Thank You for Your advice and time ??
– I’ve already corrected the entry in the domains tab.
– The script was automatically added by cloudflare and had problems with Turnstile in Firefox Incognito mode (by default, it is always enabled: “Enhanced Tracking Protection“). If the user doesn’t disable automatic loading of scripts in the cloudflare settings, then “Enhanced Tracking Protection” will cause “Turnstile” not to be enabled. I suggest that You add information about this in the settings page Your plugin (look, I sent a screenshot of the cloudflare settings in the message above) and add a field where the user can enter the content of the script (they won’t have to manually edit the .php file like footer.php). I’m not writing this because I’m lazy, but I know that it will give You peace from users questions who won’t know about it.

I can’t wait for the new version of Your plugin with support for Cloudflare Turnstile ??

Always Allow (I’m not sure that the always allow section is the right place)
Scripts & Images & frames:

https://*.cloudflareinsights.com
https://challenges.cloudflare.com
https://static.cloudflareinsights.com

and

<script defer src='https://static.cloudflareinsights.com/beacon.min.js' data-cf-beacon='{"token": "123123..."}'></script>

in footer.php (cloudflare generates a different token for each account (user) – that’s why I gave “123…”)

@jonkastonka I DIDN’T create this topic because of some problems. Your plugin is great – thank you, I’m happy to use it. Everything WORKS, you just have to follow the steps I wrote about in the posts above.
When creating this topic, I asked you: Can you (plan to) add “Cloudflare Turnstile” in your plugin settings -> “quickstart” tab?
I think that if your plugin natively supported Cloudflare Turnstile in quickstart tab like it does for Google reCAPTCHA, it would be nice (you wouldn’t have to follow so many steps: on your website and in cloudflare). I hope you understand the reason for this topic. Let me know what you think ??

@jonkastonka I use Cloudflare Turnstile on the contact page: https://horbaczewski.info/test/
and with comments below the post: https://horbaczewski.info/contact-form/

Sorry for the late replies but only now I noticed that the messages were going to the spam folder in my mailbox

Sure, no problem. I have been offline for the last 2 days.
1. CloudFlare turnstile – here it generates Api key to connect to my wordpress.
2. The place where CF automatically attached the script itself. I turned it off. Manually adding the code from here meant that the CSP policy did not completely block the operation (by the way, the analytics was compatible with GPDR). CF Turnstile is an alternative solution to Google recaptcha.

Let me know if it is possible to support Cloudflare from your plugin ??