josediogenes
Forum Replies Created
-
Nevermind
I noticed that my cache directory was not owned by webserver’s user. After changing ownership now the plugin worksDean,
Thank you for the enlightenment, sure it’ll help the plugin maker to adjust the code to suit both security and practical needs. Maybe he’ll change the sanitize method as well to avoid such XSS vulnerabilities.
josediogenes
Hello again,
After some research I changed a bit of code within the plugin file and now it seams to be using the “real” IP and not the proxy one.
I changed the get_IP method of your plugin’s class
protected function get_ip() { if (empty($_SERVER['REMOTE_ADDR'])) { return ''; } if (empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { return ''; } //return $this->normalize_ip($_SERVER['REMOTE_ADDR']); return $this->normalize_ip($_SERVER['HTTP_X_FORWARDED_FOR']); }Yes, this is my case, we’re using a proxy and every access to the site has the same ip. Because the plugin analysis login attempts by user and not only by ip, it still is effective, but we miss the ip block/slowdown feature.
ThankYou for your response.
Forum: Fixing WordPress
In reply to: Next Month Javascript not workingI´m getting the same symptom here. I´m using WP 2.5.1 (Latest)
Forum: Plugins
In reply to: [Plugin: ICS Calendar] unterminated string literalSo you figured out how to fix the problem ?