bernieraffe
Forum Replies Created
-
Hi @wfphil,
Thanks for the reply.
I did have 2FA and reCaptcha disabled, I also disabled all plugins, couldn’t find any Must-Use plugins, the authentication error still occurred.
I didn’t bother switching from the Avada theme, as I’m so invested in that theme, that even if that were the cause of the problem, there would have been nothing I could do about it.
My users are paying customers, so I couldn’t risk them having login issues, in the end I disabled Wordfence and switched to a different security plugin. The issue has not returned.
Cheers,
BernieHi @wfphil,
I did mention this in a previous post, I checked the PHP log file, but there was only one (unrelated) warning message repeated over and over.
Hi @wfphil, thanks for your help, but in the end I decided to de-activate Wordfence, and I’ve now switched over to the ‘All in-one WP Security’ plugin.
The issue has not returned.
- This reply was modified 6 years, 3 months ago by bernieraffe.
I have checked the PHP error log, there is only one warning message that is repeated over and over.
The good news though (if you can call it that), is that I can reproduce the error if I try to log in on my phone.
I will try quickly switching to the default WordPress theme sometime over the next couple of days when there are no visiting users.
There do not appear to be any ‘must use’ plugins installed.
Also, the authentication error occurs with both reCaptcha and 2FA turned off (but I don’t think as often)
- This reply was modified 6 years, 3 months ago by bernieraffe.
Hi @wfphil ,
Thanks for the reply.
This is a very difficult issue to test, because it doesn’t happen to me and many other users. The small number of users that had the problem can now access the website now that I have disabled 2FA and reCaptcha.
So, sorry, I’m unable to do any more testing, I will probably use third party plugins for reCaptcha and 2FA
Cheers,
BernieHi @wfgerald
Thanks for the info, I tried various reCAPTCHA human / bot thresholds, and they all failed with the same Google reCAPTCHA authentication error.
However, I then tried using the highest possible value (very likely ‘human’), and then users reported receiving a ‘validation required’ email as opposed to the ‘authentication’ error. Once they had clicked on the authentication link within the email, it all worked fine.
So, thanks very much for your help, and although there appears to be a bug in the reCAPTCHA service, at least I can continue to use it, albeit at the highest threshold level.
I’ve fixed this now.
It was a Wordfence issue, I set the option to delete all 2FA tables and settings on de-activation.
That cleared the error
I forgot to say that you can see the authentication message using any user id and password
I also have this problem, the message says
‘try to Manually Update by clicking the “Manually Refresh Rules” button below the Rules list.’I’m unable to manually update because I can’t find this ‘Rules List’, where is it please?
>>Sorry for not really replying to your original question.
No, that’s Ok, I took on board your points about the wp-config file and have tightened up security as much as I can there, so it was a good help.Thanks again for your comments, I’m very impressed with Wordfence, so am likely to upgrade shortly
Wow, now you’ve got me really worried!! But thanks very much for the detailed response, it’s appreciated.
Yes, I’m prepared to work on the security of my site (which has paid users and I don’t want to let them down), I can follow instructions Ok, but I’m not the worlds most techie person.
So back to my original question, will upgrading to Premium help me do you think or am I going to receive advice that I’m not technically capable of following?
By the way, yes my site is on a shared server.
Hi Raam,
Thanks for the info, must admit I don’t really understand the concept of uBlock Origin, but what it all boils down to is that the Popup plugin is conflicting somehow with S2Member?
Thanks again
BernieI don’t recall saying my restricted pages were SEO optimised, but they do have plenty of content with important keywords.
My initial thoughts were that the pages might be ranked by the search engines, but when clicked on, the user would be taken to the membership page, ok so they don’t get to the actual page they wanted but they do get to see the rest of the site.
Having said that, now that I think more about it, @krumch you’re obviously right, why should a page even be ranked by the search engines if no-one can access it!!
Thanks, I’d already visited that page, and it’s of no,help
I just need someone to spell out exactly how to do a test like:-
If cap (that brought user to the MOP) = ‘OCF’ then
HTML codeI can’t figure out the semantics for the test
Ok, found it in the documentation, thanks