arcane

No, this didn’t work. Both sites that are on the beta channel offered the updates, I applied them, the sites both said that they were updated successfully but a refresh of the plugins page showed the current version as 15.5-beta still and offered the update.

I will look further into any responses tomorrow. I should have been asleep hours ago, not troubleshooting the sites.

Hi Jamie,

Well, I’m reporting back in case others see the same thing. The site appears to be configured correctly.

What was making it look like it wasn’t is that some browsers seem to load then dismiss the icon I was looking for in the lower right corner – sometimes quickly enough I didn’t notice, especially if the banner was turned on in the shop – or not load it at all.

In further testing this evening, I found that Brave browser on Android, iOS (18.x), and my Windows desktop did not show the icon or showed it and dismissed it quickly enough I didn’t see it. Edge took its time displaying it and then dismissed it. Firefox didn’t show it (very possibly this is a plugin – that install is very locked down). Chrome showed it. Safari showed it.

So depending on the browser I used to test with (this afternoon was Brave on desktop and phone), coupled with having to manually dismiss the message about fraud management, it looked like there was an issue when there wasn’t. I have now dismissed the message and it appears that things are working as expected. Thank you for following up.

Thank you. I’ve spent some time with that post already. I will spend some more time with the host. 🙂

Alright, so I have 4 options here.

1. In the webserver “visitor” logs, I see requests for those image files from the 192.0.[64-127].[1-254] range, so I’ve whitelisted this in Wordfence. Wordfence does not have a way to whitelist by user-agent. This is done but I don’t think it worked. I don’t see any requests being blocked or allowed via Wordfence’s Live Activity. I think that is key. I should be seeing the requests either allowed or denied and I’m not so I think it’s further up the chain.

2. (Wordfence) Disable the “Block IPs who send POST requests with blank User-Agent and Referer” option that seems to be working for other plugin issues but this is undesirable because it will have a larger effect than just the photos being available to Photon.

3. The webserver has hotlink protection enabled. I suspect this might be part of the issue? I don’t recall enabling it but maybe I did around the same time and thought it was the SSL? I had been troubleshooting someone else’s website that had had a data breach so I may have been trying to lock my own site down further. It looks like I can only whitelist this by URL so I’ve added https://i0.wp.com, https://i1.wp.com, https://i2.wp.com, https://i3.wp.com, https://i4.wp.com but I don’t think it’s going to work – enabled just before I posted this reply. Will update if it does.

4. The last thing I can do is whitelist in .htaccess. I think this line of “code” would work? RewriteCond %{HTTP_USER_AGENT} !*Photon* [NC] This feels undesirable because a user-agent can be spoofed but I can do it for testing.

Which would you think would work best here? Or did I miss an option?

Hi! I have done as requested with the top pages and posts widget as well as related posts. I had changed it back to this when it looked like the thread may not be answered. I will leave it as is for the interim for troubleshooting. Thank you!

I totally get that. I did documentation and QA for a software company years ago. It’s never the favorite job so I found that documentation is usually a little behind.

The main reason for writing this post was to get some of that info out there for the developers and for anyone else crazy enough to make a move similar to what I did. 😉

If there’s anything else I can offer in the way of information to help this get easier for people, just let me know.