ayntk's Replies | ww.wp.xz.cn

Forum Replies Created

Viewing 15 replies - 1 through 15 (of 21 total)

1 2 →

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Email sending no longer works

Thread Starter ayntk
(@ayntk)

2 years, 4 months ago

I have reinstalled twice now and email is still not working. And I think I can pinpoint the problem. When I select and admin user, the user is not recognized as an admin user. When I add my username to the admin user group of solid security, it does not stay there and so the notification check for all admins does not work because the plugin thinks there are no admins. I use the following plugin for user roles and I think your plugin has a problem with this plugin that prevents the plugin form from recognizing what admin users are:
https://ww.wp.xz.cn/plugins/advanced-access-manager/

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] IP identification does not work correctly with Cloudflare
Thread Starter ayntk
(@ayntk)

2 years, 5 months ago
I did some more testing and was able to pinpoint the problem:
When I add the IPv4 to cf the detection in Solid Security works -> Still with error sadly.

As soon as I add the IPv6 of my server to cf, Solid Security detection stops working (I added the exact IP and tested it with the range -> no luck on both) –> So the Identify Server IP scanner seems to have a problem if the IPv6 address is allowlisted in cf -> maybe if you can fix this, the problem is solved (when the scanner works, the error might be gone if we are lucky).

EDIT: Once I enabled password protection in Admin and Site Enhancements, the scan works again -> with the error
- This reply was modified 2 years, 5 months ago by ayntk. Reason: Scan works again and error is back
- This reply was modified 2 years, 5 months ago by ayntk. Reason: Never Mind Scan does not work -> Password Protection caused it
Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] IP identification does not work correctly with Cloudflare

Thread Starter ayntk
(@ayntk)

2 years, 5 months ago

I spoke to support and now my server IPs are allowlisted, now when I run Identify Server IPs it does not load at all -> so no response at all just endlessly loading.

So I guess it is not working?

Strangely, as soon as I password protect my site (hole site) it works again with detection and the error is still there with password protection (normally password protection is off so this makes no sense).

If I remove the IPs from the allowlist in cf, the error comes back -> but at least the identifying scan works.

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] IP identification does not work correctly with Cloudflare

Thread Starter ayntk
(@ayntk)

2 years, 5 months ago

Thank you, that does not seem to work. I do not have access to such a setting in Cloudflare. Could you perhaps share a screenshot of how you have done it as it does not appear for me like described in the article. I only habe rules, and WAF rules do I have to add it there and skip a specific component or what exactly do I need to skip for solid security to work?

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Email sending no longer works

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

Can I somehow export the settings and reinstall them as I do not want to reconfigure the hole plugin?

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Do not attempt to update Apache files on nginx web servers.

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

Maybe it is related to the nginx version my panel is using, it is using a custom nginx version, could that be the reason?

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Email sending no longer works
Thread Starter ayntk
(@ayntk)

2 years, 6 months ago
Did not work, changing the recipient to custom did nothing, 3 days in a row file change warning failed again:

Fluent SMTP error code:
```
{ "code": 400, "message": "You must specify at least one recipient.", "errors": [ "You must specify at least one recipient." ] }
```
In debug there is this:
```
{
    "last_sent": {
        "digest": 1702561418
    },
    "resend_at": {
        "digest": 1702583009
    },
    "data": {
        "digest": [
            {
                "type": "file-change"
            }
        ]
    },
    "last_mail_error": "You must specify at least one recipient.",
    "from_email": "",
    "default_recipients": {
        "user_list": [
            "role:administrator"
        ]
    },
    "notifications": {
        "digest": {
            "schedule": "weekly",
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "custom",
            "subject": "Weekly Security Digest"
        },
        "lockout": {
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "custom",
            "subject": null
        },
        "malware-scheduling": {
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "custom"
        },
        "file-change": {
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "custom",
            "subject": null
        },
        "two-factor-email": {
            "subject": null,
            "message": ""
        },
        "two-factor-confirm-email": {
            "enabled": true,
            "subject": null,
            "message": ""
        },
        "hide-backend": {
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "custom",
            "subject": null,
            "message": ""
        },
        "two-factor-reminder": {
            "subject": null,
            "message": ""
        }
    },
    "admin_emails": []
}
```
And in the logs
```
id               => 39321
module           => notification_center
type             => error
code             => send_failed::file-change
timestamp        => 2023-12-17 12:56:03
init_timestamp   => 2023-12-17 12:56:01
remote_ip        => 127.0.0.1
user_id          => [empty string]
url              => wp-cron
memory_current   => 35610744
memory_peak      => 42375544
data             => Array
    error   => Object WP_Error
        errors       => Array
            wp_mail_failed   => Array
                0   => You must specify at least one recipient.
        error_data   => Array
            wp_mail_failed   => Array
                to                         => Array()
```
Default Recipients: All “Administrator” Users

-> One thing I noticed is that if I select the specific admin individual, then check it a day or two later, it is unchecked again by itself, but the all Admin setting should also work with all my admin users.
Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] IP identification does not work correctly with Cloudflare

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

I have also asked the community of my hosting panel and they allow and use CF-Connecting IP. So this cannot be the problem.

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] IP identification does not work correctly with Cloudflare

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

I have whitelisted your plugins security scanner IP, what exactly is my loopback IP, is this my server IP?
I host it myself, so I cannot contact my host.

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Email sending no longer works

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

The USERID was for privacy reasons, the Admin User ID was there, sorry should have mentioned that I redacted it. How can I manually trigger a file change email or a new vulnerability detection email because all other emails are already working?

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Do not attempt to update Apache files on nginx web servers.

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

I did not have to manually add the rules to my nginx.conf, they were all there. I disabled writing to files, restarted my server and cleared all caches and it seems to no longer scan for apache but I have not really done anything except disable and clear caches and restart. Is it because I disabled the setting write to files or why?

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] IP identification does not work correctly with Cloudflare

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

curl -d ‘action=itsec-check-loopback’ -i https://yoursite.com/wp-admin/admin-post.php -> When I execute this, it returns a huge list of things, including the error. And when I check the loopbacks it says

Loopback requests are used to execute scheduled events and are also used by the built-in editors for themes and plugins to check the stability of the code.

The loopback request returned an unexpected http status code, 403, it was not possible to determine if this was preventing functions from working as expected.
-> But I think this is normal because I use a server corn job to schedule my wp-cron.php

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Email sending no longer works
Thread Starter ayntk
(@ayntk)

2 years, 6 months ago
I have all “Administrator” users as the default recipient and there is a valid email in my Admin account. The credentials are correct as all other email sending works. I am using Fluent SMTP.

Debug enabled:
```
{
    "last_sent": {
        "digest": 1702283342
    },
    "resend_at": {
        "digest": 1690424859
    },
    "data": {
        "digest": [
            {
                "type": "file-change"
            }
        ]
    },
    "last_mail_error": "You must specify at least one recipient.",
    "from_email": "",
    "default_recipients": {
        "user_list": [
            "role:administrator",
            USERID
        ]
    },
    "notifications": {
        "digest": {
            "schedule": "weekly",
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "default",
            "subject": "Weekly Security Digest"
        },
        "lockout": {
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "default",
            "subject": null
        },
        "malware-scheduling": {
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "default"
        },
        "file-change": {
            "enabled": true,
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "default",
            "subject": null
        },
        "two-factor-email": {
            "subject": null,
            "message": ""
        },
        "two-factor-confirm-email": {
            "enabled": true,
            "subject": null,
            "message": ""
        },
        "hide-backend": {
            "user_list": [
                "role:administrator"
            ],
            "recipient_type": "default",
            "subject": null,
            "message": ""
        },
        "two-factor-reminder": {
            "subject": null,
            "message": ""
        }
    },
    "admin_emails": []
}
```
Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Do not attempt to update Apache files on nginx web servers.

Thread Starter ayntk
(@ayntk)

2 years, 6 months ago

Nerver mind I changed the file path, so that part worked but it is still checking for apache config file: Core Critical Issue Empty file encountered when attempting to update apache config file. 2023-12-14 11:13:03 – 5 Minutes ago. Do I need to manually delete the cron job for this or how can I stop it from doing so (I have already restarted nginx)?

Forum: Plugins
In reply to: [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection] Email sending no longer works
Thread Starter ayntk
(@ayntk)

2 years, 6 months ago
I choose to send it to all admin users so there is a recipient, but it is still not sending emails:
```
id               => 39037
module           => notification_center
type             => error
code             => send_failed::file-change
timestamp        => 2023-12-13 14:16:03
init_timestamp   => 2023-12-13 14:16:01
remote_ip        => 127.0.0.1
user_id          => [empty string]
url              => wp-cron
memory_current   => 35692832
memory_peak      => 42356376
data             => Array
    error   => Object WP_Error
        errors       => Array
            wp_mail_failed   => Array
                0   => You must specify at least one recipient.
        error_data   => Array
            wp_mail_failed   => Array
                to                         => Array()
                subject                    => [site] File Change Warning
```
Error code of my SMTP plugin:

{ “code”: 400, “message”: “You must specify at least one recipient.”, “errors”: [ “You must specify at least one recipient.” ] }

Viewing 15 replies - 1 through 15 (of 21 total)

1 2 →