Ben Meredith
Forum Replies Created
-
Hey @galbaras
Here’s a video showing you what I believe is the solution to your issue: https://www.loom.com/share/7856cd6e557b48de8b5b303575dccf9c
Enable ITSEC_DEBUG by adding this to your wp-config.php file:
define( 'ITSEC_DEBUG', true );And then navigate to the debug menu and reset the scheduler. That should resolve this. If not, definitely reach back out here!
Correct!
We’re not allowed (by forum rules) to do any sort of pre-sales conversations here on the free support forum, but we are very keen to answer any questions. @nlpro has already answered this one, and importing settings is definitely a feature you could use.
If you have any further questions, reach out via the contact form on our website at https://solidwp.com/contact and we’re happy to help!Hey @galbaras!
Glad you reached out, here. That has to be caching causing that, i’d assume. The error is saying that two lockouts are happening at the exact same second, for the exact same IP address. That’s highly unlikely to happen (though not impossible). But the fact that it lists the time as exactly midnight
00:00:00makes it even more likely in my mind that this is somehow caching-related.I’m reaching out internally to our team to see if there’s a way to exclude that query from cache or something. I’ll follow up.
Hey @tomv2000!
Just wanted to swing by here and note that we’re tracking this feature request internally. I had our product owner take note here. I agree it would be great. No timeline for it, but it’s something we’ll have a look at.
And @nlpro thanks as always for helping out. You’ve been so helpful for so long with our support forums! I’d love to connect via email. Shoot me a message at ben (at) solidwp (dot) com, and let’s meet!
Absolutely!
I made a quick video explaining things. Give that a watch and let me know if you still have questions!
The short version is that loading as a must-use plugin means that Solid security gets started as early as we can, to secure the website earlier in the boot process. Functionally there’s not a huge amount of added protection, but it does allow Solid Security to run juuuust a little bit earlier.
Hi @ibiza69!
Happy to help you get to the bottom of this! The slightly technical explanation for what’s going on here is that Solid Security uses the PHP “shutdown handler” to do some things (adding meta, deleting meta, etc) after the database request ends. If something happens in the middle of a request like some other plugin or code causes the database connection to drop, the “shutdown handler” still tries to run things, and at that point the database is unavailable (or in a state where queries can’t be run).
So you’ll need to figure out what’s causing the DB instability, and resolve that.
We’re not getting a ton of reports of this, so I’m inclined to think that this is a problem specific to your site/server. I’m more than happy to help you keep digging here, but all signs point to this being a problem that is not ultimately an issue with Solid Security.
My first step if I were you would be to update all the things (WordPress itself, and any plugins as well as the theme).
Next, I’d try to replicate the problem on a different fresh installation (services like instaWP or software like localWP are great for that type of testing). If we get a place where the problem is replicable, that will go a long way toward helping us to resolve your issue.
Let me know if that doesn’t get things resolved for you. Pass along your system info as well. (Navigate to Tools > Site Health > Site info and copy the site info to the clipboard and paste it in your reply here.
Hey @mozzer4u
I really appreciate the time you took to write out this review.
I wish I had a way to rebut any of the things that you say here, but you’re exactly right. Gift Aid needs a bit of work, for sure. It’s on our roadmap to revisit the Gift Aid add-on for sure. In fact, I just checked internally, and it’s currently in progress. I don’t have a firm turnaround time for you (Holidays do that, for sure) but do know that it’s actively being worked on.
We’ve added your additional context here to our internal systems to make sure that the fix we ship takes it into account.I look forward to earning back the remaining stars here. Your success with online donations is our number one priority.
@andi22 Thanks so much for taking the time to leave this review! We really do pride ourselves on our support, so it’s exceedingly great to hear.
Have a great day!
Hey @akiraanastasia!
You can certainly try to isolate/figure out hoe to whitelist the entire range of dynamic IPs, but @shanedelierrr’ s advice remains the fastest way to resolve the underlying problem. You shouldn’t be getting locked out of your site, and if you are it stands to reason that isolating *why* your user is getting locked out, and fixing it from that side is going to be more effective than trying to massage the whitelist to accommodate your dynamic IP.
Have a great day!
Hi @suzakudev!
Apologies for the really slow turnaround here. We got into a backchannel discussion over here trying to replicate your issue, and neglected to reply here!
A few things:
- The Hide Backend functionality of Solid Security is the least effective of the security features of our plugin. It’s what’s called “security by obscurity” and is nowhere near as effective as enforcing strong passwords, 2-Factor authentication, a firewall, etc.
- WordPress Multisite (you mention a subdirectory, so that’s what makes me think you’re using Multisite) is a fickle beast and Solid Security is only minimally tested for multisite.
I’d recommend using the other features of Solid Security and not using Hide Backend if it’s proving difficult to configure.
Hey @poppydev
We are investigating this for sure. I’m still trying to come up with a way to replicate the problem, but yours is not the only report of it so far, so I am certain there’s a way for us to replicate a problem, ust not sure the exact steps, yet.
When it comes to fixing issues, the first step is to get the problem replicable in a separate environment. At this point, we have only a handful of reports, despite tens of thousands of downloads so far.Forum: Plugins
In reply to: [GiveWP - Donation Plugin and Fundraising Platform] User AccountHi @flamand!
Welcome to the GiveWP family!
Accounts on givewp.com are for paying customers of an add-on or plan. When you purchase a plan or an individual add-on, it automatically creates an account for you that entitles you to Priority support, as well as the functionality of the add-on(s) that you purchase.
This support forum (and the moderators of it) forbids us from really going back-and-forth about paid functionality, so I am going to mark this post as resolved. If you have followup questions about creating an account, reach out to us at https://givewp.com/contact-us and we’re happy to help!
Forum: Plugins
In reply to: [GiveWP - Donation Plugin and Fundraising Platform] Lost passwordHey @kwildmoon
Definitely reach out at https://givewp.com/contact-us/
And select the “I have a question about my account” option.
We’re happy to help. Several humans standing by.
Thanks!
Hey folks,
I’m the head of support here, and I wanted to personally weigh in.
As @shanedelierrr mentioned, we resolved the problem and are now working to ensure that something like this can’t happen again.
Here’s the short version: we were making some changes to an internal process that deploys updates late last night (US time) and we released changes to that process not realizing a typo actually ran the deployment for Solid Security Pro, but ran it incorrectly.
So while there wasn’t even a release of Solid Security Pro last night, silently the ZIP that users install by clicking “update” was errantly replaced with a half-built ZIP. That caused lots of problems.
As soon as our US-based dev team came online, we isolated the problem and fixed that ZIP file, so anyone who updated Security Pro since 9:19AM eastern US time has not experienced a problem.
So, in summary: there is no issue in version 8.0.4 of Solid Security Pro. There was a 7-hour period where the servers that supplied that version were delivering an unfinished ZIP. That’s been solved now.
This issue had no effect on Solid Security Basic, so the vast majority of users should see no issue here.
Rest assured we are working hard to ensure that issue can’t happen again. The integrity of your sites is the whole reason we are in business.
Hey @mballew!
I’m trying to understand here. You were looking for a way to accept donations via Square, and happened upon GiveWP. Welcome!
On our free plugin’s description, we do mention Square twice. In both cases, it’s in the “you can get more payment gateway options with some additional premium addons” section of the description.
We’re not baiting anyone. We charge for Square.
If you’re seeing any spot anywhere in our product where we even insinuate that Square is a free-plugin option, definitely let me know. I’ll personally make sure that there’s no bait or switch involved.
To your point, we could offer Square in the free plugin and make some additional revenue, but we’ve so far decided not to do that. There’s a complex decision-making process there around how much it costs to support Square, how robust their API is (or was at the time we were having these discussions), and other factors.
Nothing like a 2-star review to jump-start those discussions again, I guess. 😆
Here’s a two-year-old post on our feedback site where (so far) there has been only 1 vote for Square in the free plugin.
We do take your feedback seriously. Just kinda wish it wasn’t in the form of what feels like an unfair review. 😳
Happy to answer any clarifying questions!