jp-carousel calls wp-admin folder contents

  • Resolved unclesam

    (@unclesam)


    5 years, 10 months ago

    I am using Jetpack with the new Gutenberg editor (previously as a plugin, now as part of the script), wordpress version — latest 5.4.2

    For security reasons, my wp-admin folder is secured with a password to open (it does not depend on the script, this is what the hosting provider enables). I also like the tiled gallery option that I am using often enough — but jp-carousel calls some contents of it causing it to request for a login-password every time a user (they don’t have my credentials) swipes, clicks or taps for the next pic. It still shows the picture, anyway. Is there a way to remove it, save as for removing the password from the folder? I think this might be some library or whatever. If possible, could you include in in Jetpack itself (plugins folder is not secured as part of wp-content)?

    • This topic was modified 5 years, 10 months ago by unclesam.
Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support fresatomica

    (@fresatomica)

    5 years, 10 months ago

    Hi there!

    It sounds like you may need some custom code for that – we wouldn’t be able to help you with this. Could you share the URL to your site so that we may have a look?

    Thread Starter unclesam

    (@unclesam)

    5 years, 10 months ago

    @fresatomica
    The point is, I don’t even know where to look for it, though I might know what it should be — your plugin is great, but it has so many options, really.

    I can definitely share the URL, if you don’t mind Russian https://focused.ru/15892 — this is news that has it, just scroll down and click pictures in the gallery

    Plugin Support fresatomica

    (@fresatomica)

    5 years, 10 months ago

    Thanks for the URL. This is the file that is being blocked: https://focused.ru/wp-admin/admin-ajax.php
    If that’s something you are willing to do, setting a read-only permission to the WP-Admin files should help with this.

    Thread Starter unclesam

    (@unclesam)

    5 years, 10 months ago

    @fresatomica

    Thank you so much for help! I promise to start thinking deeper. The only cause I set the password was that my site was hacked several times, so the hoster offered a solution to that.

    Though strange that a plugin calls an admin ajax library when showing pics.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘jp-carousel calls wp-admin folder contents’ is closed to new replies.