CZghost
Forum Replies Created
-
It works, so good I guess.
Alright, I managed to add the site in the end, all it took was just some waiting. I’d love to add a license to my localhost testing instance as well tho, with the url https://wpdev.czghost.test/ that isn’t accessible through the Internet. Is that possible? I’m using it as a development staging environment for my own plugins and themes development for my websites, and I want to set up almost identical environment for this instance so I’ve got a good idea how my plugin is going to be interactible with the plugins I already have on my public WordPress site.
So I tried to add it as a new site, and it seems there’s an issue. I’m using Polylang plugin that automatically detects and redirects people to a language of their browser (or the default language, which is English), and it seems it may interfere with how Wordfence Central connects to the site. Unfortunately, I do need this plugin for translations and language choice, as I run my site with dual languages.
No worries, I understand the importance of patience in the process of updates, as I am a developer myself, and I know how time consuming software development is. I was just surprised it locked me out, my intention was not to be hostile or anything. I can’t use Google reCaptcha for reasons stated above. In the meantime, I can simply just disable new registrations until a support for GF Turnstile is added (I’m pretty sure it’s gonna be added, since it’s widely popular, Cloudflare is one of the most used DNS provider, and their Turnstile product aimed to provide a simple but effective CAPTCHA for websites is one of the top used CAPTCHA services in the world, and Cloudflare naturally uses it themselves).
I’d just like to know if you’re considering adding a support for other plugins that may interfere with the login page, or if you’re going to integrate it directly into Wordfence. I understand, that for security reasons, you’re probably gonna go with the latter, which means I probably won’t need the CF Turnstile plugin anymore after that happens. I’ve enabled automatic updates on my WordPress instance, so it’s okay, I’ll be covered eventually. WordPress actually runs a cron job that updates all enabled parts automatically (including themes and plugins, not just core).
Yet again thank you for your reply. I appreciate it.
EDIT: I removed the question about billing, as I noticed that forum rules may prevent you from answering that question. I’ll ask in private in an available pre-sales support channel (which might be your contact email I guess). Consider it resolved. Thanks.
- This reply was modified 5 days, 10 hours ago by CZghost. Reason: Removed billing question for a premium version
Thank you for your response. I decided to ditch Google reCaptcha in favour of Cloudflare Turnstile because of a few reasons:
- Google reCaptcha is locking more and more features and API usage behind a paywall, which is the most prominent reason to use other captcha services. Not to mention privacy concerns for using this widely popular service.
- hCaptcha as a possible alternative sometimes doesn’t work and fails to load, leaving me no choice than abandoning that as a viable alternative.
- Cloudflare Turnstile is gaining popularity online, and it actually respects privacy and doesn’t use the user output to train an arbitrary AI like Google does, and it works most of times. If a captcha test fails, you do have to reload the page to restart the process, but it doesn’t happen most of the times, unless Cloudflare detects some unusual activity from your network (may be more frequent when using VPNs or proxy servers, like Tor). reCaptcha makes users to mark squares with traffic lights and stuff like that, which I find highly annoying and intrusive. Simple web page reload is much better IMHO, although, it may be frustrating to lose your long email to reload a CF Turnstile process if you fail a test on a contact page (that’s why I recommend writing a direct email through your email client if your email isn’t exactly fitting into a cap of 1000 characters, instead of using a contact form).
Recently, Google reworked reCaptcha in a way it quite literally enables fake reCaptchas distributing malware to be more beliveable, as it now asks users to scan the provided QR code with their phone. Yes, you’ve heard me right. Scan a QR code. That’s literally how you get hacked. So I’m not going to support this madness, sorry.
Alright, it’s not cookies. Even if I do accept all cookies, the pictures just don’t show up. Could you upload it to a site like Imgur?
BTW, this is how it looks like for me (both Chrome and Firefox behave the same):
https://czghost.is-a-virg.in/7hhTuOHcB.png
- This reply was modified 8 months, 3 weeks ago by CZghost.
Strange. I’m normally using Chrome on Windows, but tested it with Firefox, and same issue. I don’t even have any addons on my Firefox installation (and no, it’s not Tor Browser, it’s an actual vanilla Firefox). I’ve refused to save tracking cookies, but that shouldn’t (by law) break the functionality of the website. I don’t think it’s the cookies. But I digress. I’ll try to save the advertising cookies briefly, to see if it affects the site. If it does, then it’s in violation of EU laws.
I saw something similar. The IP was blocked then the block was released:
https://flic.kr/p/2rr4EHmFor some reason I can’t see the screenshot on the link provided. I tried to disable adblocker – nope. Tried to disable DuckDuckGo Privacy Essential – nope. It just doesn’t show me the screenshot.
Well, IPinfo says this IP address is an MSN bot, but at the same time it has been flagged as abusive, so idk. If you’ve found it’s been doing nefarious stuff, then you should be able to ban the IP from accessing your site.
So, as it turns out, my hosting provider does support InnoDB engine, but only for paid subscription. I have free subscription of hosting, so I have only MyISAM available.
I don’t need the two factor auth right now, so I’ll wait with it until I am able to upgrade. Thanks for help.
My hosting provider is Endora.cz. I guess they’re not using InnoDB, they’re eighter using MariaDB or original MySQL for database server. The database shouldn’t be really the cause, because posts and such things are just fine, no error while saving drafts or publishing posts.
From original reply (held on moderation, I don’t know if it is visible or not):
Okay, so it seems that there is some issue with database, however I cannot find exactly the one you wrote. I get this instead:
[posted log]The edits are because of backticks breaking it apart.
I guess better read there: https://pastebin.com/U6wPDiCMOkay, so it seems that there is some issue with database, however I cannot find exactly the one you wrote. I get this instead:
[23-Apr-2020 23:43:34 UTC] WordPress database error Table 'czghost.myblog_wfls_settings' doesn't exist for query SELECT 'name', 'value', 'autoload' FROM 'myblog_wfls_settings' WHERE 'name' = 'allow-xml-rpc' made by require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), include_once('/plugins/wordfence/wordfence.php'), require_once('/plugins/wordfence/lib/wordfenceClass.php'), require('/plugins/wordfence/modules/login-security/wordfence-login-security.php'), WordfenceLS\Controller_WordfenceLS->init, WordfenceLS\Controller_WordfenceLS->_init_actions, WordfenceLS\Controller_Settings->get_bool, WordfenceLS\Controller_Settings->get, WordfenceLS\Settings\Model_DB->getI certainly know I didn’t whitelist my IP. If it did automatically, I cannot tell, but what I know for sure is that when the page was refreshed (with ot without logoff and logon), it reverted back to two factor auth setup, meaning that the two factor auth wasn’t actually set up.
Whitelisted IP list is empty, and two factor auth isn’t set up. So tested it out again. I’ve set up my two factor auth, saved recovery codes, activated it using Google Authenticator and the code provided, all seemed well (it showed a confirmation message). Refreshed the page and it is reverted back to 2fa setup, meaning nothing has been activated.
I guess it is worth noting I have Wordfence Free (no paid subscription), so maybe that thing doesn’t work for free users? But then it doesn’t make sense to let users set it up without any notice.
Forum: Fixing WordPress
In reply to: An issue occurs when updating something – instructions not sentYes, of course. Nothing. So if it got catched by a spam filter, it might be automatically deleted by Google’s spam filter, not showing in my inbox at all.