ocabj
Forum Replies Created
-
Forum: Plugins
In reply to: [Duo Two-Factor Authentication] Duo Prompt end of life – March 30, 2024The first half of 2023 has come and gone. Still waiting for update.
Forum: Plugins
In reply to: [Jetpack - WP Security, Backup, Speed, & Growth] Jetpack causing fatal errorSame error and I received an email from my wordpress instance with a link to recovery mode. I went to it and logged in and things are working just fine.
Forum: Fixing WordPress
In reply to: YouTube Embed fails for ‘scheduled’ videosThat being said, I guess this is just a minor quirk that I can live with. So as long as the embed resolves correctly when the youtube video (and the wordpress post) both go live.
Forum: Fixing WordPress
In reply to: YouTube Embed fails for ‘scheduled’ videosNegative. I get this error when I try to paste / embed the link:
“Sorry, we could not embed that content.”
I tested by uploading a video to YouTube that is scheduled for publishing in the future.
It fails in block editor.
Classic editor it works fine (displays the video cover photo).
But I continued the test by changing that test video from ‘scheduled’ to ‘unlisted’ (essentially published) and I refreshed the draft page and the video preview loads.
So I guess the embed in the Block is technically there, but is not resolving to the cover photo until the video actually goes from scheduled to published state.
I noticed this editing problem this morning. Upgraded yesterday, but never noticed until now.
Saw this thread and disabled Page Builder plugin and that appears to be the workaround.
I actually see the Jetpack attack information by using ModSecurity with the OWASP Core Rule Set. I had to do a little tweaking of the rules to parse correctly with filebeat to logstash to elastic, but I get all of the Jetpack block events through the Modsecurity audit log.
As indicated by the Jetpack engineer, unless you’re trying to do some event analytics, the Jetpack ‘app firewall’ did its job and you can go on. But if you really want those events you can just install ModSecurity with the OWASP CRS. You can just run it in detection mode only (not blocking). Although, if you go to the lengths to install ModSecurity, you may as well take the time to do the initial burn-in phase, make your necessary white lists so you don’t break wordpress, and turn on enforcement mode.
Forum: Plugins
In reply to: [Jetpack - WP Security, Backup, Speed, & Growth] 4.0.1 breaks admin pagesElio: Seems to work. Thanks.
Forum: Plugins
In reply to: [Jetpack - WP Security, Backup, Speed, & Growth] 4.0.1 breaks admin pagesNote: 4.0.1 also breaks the display of the stats mini-graph in the admin header bar when logged in as admin. Workaround does not fix this (but at least gets me back in to wp-admin).
Forum: Plugins
In reply to: [Jetpack - WP Security, Backup, Speed, & Growth] 4.0.1 breaks admin pagesI found the workaround here:
https://ww.wp.xz.cn/support/topic/jetpack-400-500-error-temporary-fix?replies=13
Which fixed it.
Odd thing is that I had no issues with 4.0.0.
Forum: Fixing WordPress
In reply to: twitter-timeline shortcode not working in WP postMarking ‘resolved’ in so much that I figured out a workaround.
Forum: Fixing WordPress
In reply to: twitter-timeline shortcode not working in WP postWell, I looked at the page source of the blog posting and noticed that the twitter widget id isn’t being correctly pulled from the [twitter-timeline] shortcode and translated to html:
data-widget-id=”2147483647″ when it should be data-widget-id=”380365916065656833″
I went ahead and put in the correct code in the text editor for the page and that worked.
Still wish the [twitter-timeline] short code actually worked correctly, tough.
Forum: Fixing WordPress
In reply to: Comments immediately tagged as spam (false positive)I figured it out. Apparently the WP-Recaptcha plugin I had installed is broken. Deactivating that plugin restored the expected comment functionality.