Rob
Forum Replies Created
-
Never mind I have switched back to Gravity.
Currently I have 120 different fields mainly radios and HTML’s
Great work thanks!
Forum: Plugins
In reply to: [Redirection] Redirection of .pdf links not workingYou can get it to work by deleting the old PDF, not ideal but hopefully the developer can look into this.
OK no worries thanks.
I don’t want to match the whole folder just the index.html as some stuff uploaded via gravity could potentially be dangerous as has been in the past.
Also this is multiple folders auto generated with different strings adding all manually across the many sites I manage is no good.
I’m asking if something like this will work in the exclude paths:
wp-content/uploads/gravity_forms/(.*?)/tmp/index.html
to match something like these 2 index.html files:
wp-content/uploads/gravity_forms/12345abc/tmp/index.html
wp-content/uploads/gravity_forms/9876zxy/tmp/index.htmlForum: Plugins
In reply to: [HTML Editor Syntax Highlighter] Latest update breaks "Insert Image"Same thing happening here.
Forum: Plugins
In reply to: [Cloudflare] API key displayed on screenAny update on this? I’m in the same scenario as above its a big security flaw, if one clients site gets hacked it could allow API access to a whole bunch of others. myaffee your right not only hidden but encrypted in DB too.
OK thanks for that ,my mistake I did not see that lockout meta box at the bottom of there, that solves that issue, I was still able to access the site via VPN, though the docs I read said you could only unlock via PHPMyAdmin or similar.
The 404 though might be suitable for some scenarios is not what I am looking for.
2 Features that would make this plugin unbeatable by other plugins:
1. The ability to add blacklist url locks for common bot targets such as timthumb etc.
2. The ability to be able to lock out any bot attempting to access the old wp-login after login url rewrite.What I am trying to achieve safely is to stop brute force attempts fully, though the rewrite of login url does a good job of this the bots are still hitting the server and causing load, If we could have a feature to instantly lock out anyone attempting to access wp-login.php after rewrite this would do the job.
Thanks for your help, I’ll mark this issue as closed, sorry is I seemed a bit blunt in my replies just getting sick of these annoying brute force attempts all the time!
OK I see it cant tell the difference between an actual 404 or a missing resource 404 on a non 404 page, for me that makes the lockout feature on this way to dangerous to turn on as any plugin could cause this or a simple dev mistake and you could be locking most users out and search engines or yourself.
I’ll just leave it off, my point still stands about once you are locked out with such a sensitive feature you need to be able to get back in or release ips without core database mods.
A feature that would be better than blanket 404 lockout would be to be able to add specific requests as a blacklist, i.e if someone keeps trying to request timthumb.php
I got locked out of a site when simply refreshing a page i was working on more than 20 times in 5 mins (The default setting for 404).
The lockout was down to excessive 404, though i was confused as I had not been served the 404 page once.
I released that the site i was working on had a reference in the header to a font file that was missing (Missing resources can be quite common)
So you are suggesting that I should be locked out of that site for simply visiting 20 pages within 5 mins (Default setting) because the site happens to have a link in a script or css somewhere causing a missing file resource?
In this case any site with any missing resources sitewide will lock out any user who browsers more than the threshold of pages and pretty much all search engines crawling the site.
In my opinion a missing resource being served in a header is not a 404 visit, just a missing resource and locking out users or crawlers sould only be counted when actually being served the 404 error page.
Great thanks for the quick update and the great extension!
Confirmed this is an issue with ACF Pro 5.2.7 as reverting to 5.2.6 fixes the issue
Forum: Plugins
In reply to: [Advanced Custom Fields: Image Crop Add-on] Not working with ACF 5.2.7Same issue here