Title: Security: Hacking
Last modified: January 31, 2017

---

# Security: Hacking

 *  Resolved [xxxhoop](https://wordpress.org/support/users/xxxhoop/)
 * (@xxxhoop)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/security-hacking/)
 * it looks like your plugin has some serious security issues and is being targeted
   by hackers, bots and whatever is all that is malicious out there. I just installed
   your plugin on 2 sites and i have never had so much security issues, you need
   to put some security stops on your files, and not just that google recapture 
   that you have. Your software is a target and you should know that by now.. FIX
   IT///…i am having all kinds of 500 sever issues because of this even though i
   have installed other security measures

Viewing 12 replies - 1 through 12 (of 12 total)

 *  Thread Starter [xxxhoop](https://wordpress.org/support/users/xxxhoop/)
 * (@xxxhoop)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/security-hacking/#post-8721277)
 * **[http://…&#8230](http://…&#8230);.com/peepsoajax/notificationsajax.get_latest_count**
   this keeps showing on my server on a frequent basis when someone vists a post
   what does it mean…
 *  Plugin Contributor [Matt Jaworski](https://wordpress.org/support/users/jaworskimatt/)
 * (@jaworskimatt)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/security-hacking/#post-8722971)
 * Hi,
 * this URL is the AJAX endpoint used to check if there are new notifications for
   a given user. It runs every 5 seconds or so to keep the notifications real-time.
 * We have no known unpatched security issues, so as far as everyone is concerned
   there isn’t any known threat of a hack.
 * 500 errors usually result from server misconfiguration, especially with badly
   configured mod_security and such.
 * More rarely not enough resources can be a problem. Although some of the websites
   running PeepSo have 5000+ active users and work fine on regular servers.
 * If you need us to take a close look at your website, you’re welcome to send us
   a support ticket, share your website URL privately – and we will have a closer
   look.
 * Thanks,
    Matt
 *  Thread Starter [xxxhoop](https://wordpress.org/support/users/xxxhoop/)
 * (@xxxhoop)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/security-hacking/#post-8731154)
 * _“this URL is the AJAX endpoint used to check if there are new notifications 
   for a given user. It runs every 5 seconds or so to keep the notifications real-
   time.”_
 * You should look for a better way of this..like it should only work when a user
   login, right now it processes every time there is a visitor on the site which
   is a cpu overload killer that’s causing the 500 internal server errors..
 *  Thread Starter [xxxhoop](https://wordpress.org/support/users/xxxhoop/)
 * (@xxxhoop)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8735515)
 * Why is it that your plugin creates a process every time a user clicks on a post
   or page, what kind of notification is that, you seem to have copied the buddypress
   useless codes that eat up ones cpu. Mybe you should look at a plugin like RENCONTRE**
   that stands alone** and does not create all kinds of unneeded issues with ones
   server. Why do you need a 5 second process to check for a single users notification
   when one has many users, members or otherwise onsite. The social networking section
   should stand alone and not interfere with the activities that occur outside of
   it’s domain. I was just about to upgrade to your adons until i noticed your crazy
   cpu issues. You do not need a trigger to issue a notification to a user especially
   if the trigger has nothing to do with the user onsite. Some users just want to
   read your content and others would like to participate in site activities. You
   need to handle this issue. You will probably say that you you have never had 
   this concern from others, well probably nobody ever noticed…Please handle this.
 *  Plugin Contributor [Matt Jaworski](https://wordpress.org/support/users/jaworskimatt/)
 * (@jaworskimatt)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8736649)
 * We are working on it. Improvements will be gradually released in the next versions.
 *  [axew3](https://wordpress.org/support/users/axewww/)
 * (@axewww)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8742583)
 * I’ve just send a report about a serious security issue i’ve find out into a peepso
   file. Please, take a look to contact messages.
    Regards
 *  Plugin Contributor [Matt Jaworski](https://wordpress.org/support/users/jaworskimatt/)
 * (@jaworskimatt)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8742608)
 * Please contact us at [help@peepso.com](https://wordpress.org/support/topic/security-hacking/help@peepso.com?output_format=md)
 *  [axew3](https://wordpress.org/support/users/axewww/)
 * (@axewww)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8742656)
 * Ok just done.
 *  [axew3](https://wordpress.org/support/users/axewww/)
 * (@axewww)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8742719)
 * P.s Hi
 * >  We got your support request for ticket number 13420 One of our support staff
   > will respond to you as soon as possible.
   > Our support hours are Monday through Friday, 9 AM to 5 PM, CST Time (+8), we
   > are not available on weekends and during the holidays.
   > Thanks for choosing PeepSo!
 * I’ve got this email, after email about security report.
 * Take a look to the email message:
    i’ve see the code of this plugin due to the
   fact it is used by a site, that asked for some mod.
 * Regards, axew3
    -  This reply was modified 9 years, 3 months ago by [axew3](https://wordpress.org/support/users/axewww/).
 *  Thread Starter [xxxhoop](https://wordpress.org/support/users/xxxhoop/)
 * (@xxxhoop)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8744616)
 * @axwe3 glad you found that too because i was just about to bring that up too 
   noticeably because of the unwarranted processes running outside of the plugin,
   malicious people always go after a good product like peepso and [@jaworskimatt](https://wordpress.org/support/users/jaworskimatt/)
   thanks for your attention to this matters, you have no idea how long i’ve been
   looking for a workable social networking plugin with security and functionality.
 *  Plugin Contributor [Matt Jaworski](https://wordpress.org/support/users/jaworskimatt/)
 * (@jaworskimatt)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8746380)
 * @axwe3 the issue you reported will be patched in 1.7.4
 * As said previously, AJAX is not a security issue and the timing will be improved
   in 1.7.4 and 1.7.5
 * If you have any more questions please send them to [help@peepso.com](https://wordpress.org/support/topic/security-hacking/help@peepso.com?output_format=md)
 * Thanks
 *  Plugin Author [PeepSo, Inc.](https://wordpress.org/support/users/peepso/)
 * (@peepso)
 * [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8746482)
 * Hi,
 * Closing this topic and marking as resolved. Just like [@jaworskimatt](https://wordpress.org/support/users/jaworskimatt/)
   said we’ll have it patched in 1.7.4.
 * Regarding ajax calls and optimization that’s already happening in 1.7.4 and will
   be also the main focus of 1.7.5.
 * _[ [Signature moderated](https://make.wordpress.org/support/handbook/forum-welcome/#avoid-signatures)]_
    -  This reply was modified 8 years, 9 months ago by [Jan Dembowski](https://wordpress.org/support/users/jdembowski/).

Viewing 12 replies - 1 through 12 (of 12 total)

The topic ‘Security: Hacking’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/peepso-core_e0dcd7.svg)
 * [Community by PeepSo - Download from PeepSo.com](https://wordpress.org/plugins/peepso-core/)
 * [Support Threads](https://wordpress.org/support/plugin/peepso-core/)
 * [Active Topics](https://wordpress.org/support/plugin/peepso-core/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/peepso-core/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/peepso-core/reviews/)

 * 12 replies
 * 4 participants
 * Last reply from: [PeepSo, Inc.](https://wordpress.org/support/users/peepso/)
 * Last activity: [9 years, 3 months ago](https://wordpress.org/support/topic/security-hacking/#post-8746482)
 * Status: resolved