Matt Cromwell
Forum Replies Created
-
Hi there Marek, I appreciate your feedback. Malware scanning is a sensitive issue. False flags from plugins are extremely common. Our setup process is designed to configure the plugin specifically for your website needs, because security isn’t a cookie-cutter issue, but needs to be catered to the needs of each site. Most users find the onboarding valuable, but to each his own.
Most importantly, I’d really encourage you to consider the PROACTIVE protections of Solid Security (both Basic and Pro). Our user security, firewall rules and protections, and brute force protection really are designed to help you prevent having to do reactive malware cleanup as much as possible.
Try us again on a new site to keep yourself clean and secure and let us know how it goes. Also, always feel free to reach out to our support first, since we’re always happy to help with any of your needs with our SolidWP products.
Glad to hear it! Happy to help!
If you’re enjoying Solid Security and appreciate our free support, we’d love a kind review from you here:
https://ww.wp.xz.cn/support/plugin/better-wp-security/reviews/
Thanks!
Hi there! I’m glad you reached out, I can help clarify that for you.
If you are using Solid Security Basic, then you should continue using the Patchstack plugin. Solid Security Basic does all the WordPress hardening and user account security you need, but Patchstack covers the plugin vulnerabilities. They pair really nicely.
But if you have Solid Security Pro then our unique deep integration with Patchstack really makes the MOST out of that vulnerability information automatically for you. So no need for the additional plugin because you get Patchstack and even more with Solid Security.
If you have more questions about this at all, feel free to reach out to us via our contact form. Thank you!
Hi there! Thanks for a great question. It’s encouraging to know you’ve been seeing our announcements and are excited about Patchstack.
Our unique integration with Patchstack will provide you with automatic virtual patching. But it is a cost that we incur per site, so it’s not something we can easily absorb. That’s why it will be available only in the Pro plugin.
We have some upcoming iThemes Training webinars and blog posts in the hopper all about Patchstack and what that means too, so watch for those coming soon as well.
Thanks!Forum: Plugins
In reply to: [Seriously Simple Podcasting] NGINX Rules break serverThe way their rules are set, you don’t edit their files directly, you add new ones into the folders and the main config automatically reads them. So I created a new one in:
/etc/nginx/sites-available/{DOMAIN}/serverSpecifically called
ssp.configso it looked like this:/etc/nginx/sites-available/{DOMAIN}/server/ssp.configSee their docs on that here:
Forum: Plugins
In reply to: [Seriously Simple Podcasting] NGINX Rules break serverThe support team at SpinupWP helped me out. The rules needed to be in the “server” area instead of the “before” area. That might be unique to SpinUp’s setup but you might consider adding that as a note to the docs for others.
Thanks, this is resolved!
Forum: Plugins
In reply to: [Seriously Simple Podcasting] Deregister Podcast TagsPerfect, thank you!
Forum: Plugins
In reply to: [WP Rollback - Rollback Plugins and Themes] Rollback not sticking?Hi there! There’s two ways that can happen:
- The version numbers in the plugin don’t actually match correctly.
- You have either some settings in your hosting environment or another plugin management tool that is automatically forcing updates to plugins
What version of that plugin are you currently running, and what version are your trying to roll back to?
Thanks!
Thanks for your follow-up and your understanding. With your feedback in mind, I’ll take another look at the wording. The potential for fatal errors aren’t because of WP Rollback specifically, but the process in general of rolling back plugin versions, it’s just what’s at stake in WP sometimes. But it’s possible we leaned too heavily on the fear of fatal errors and should instead instill confidence and have our tone be more educational rather than warning/fear based.
Thanks for the open dialogue and I truly wish you success.Hi there,
I appreciate you taking the time to reach out with your concerns. I’d like to take some time myself and explain why you see those disclaimers and the value and purpose behind WP Rollback. Of course it’s your prerogative to install it or use it or not either way, but just for the record.
THE SHORT VERSION
This is not beta software, it’s battle tested and been helping over 200K users for the past 8 years. We take responsibility for the functionality our plugin offers, and make it freely available for anyone to use, and we even donate our time to respond to free support requests; but we can’t take responsibility for every plugin on ww.wp.xz.cn and what those plugins or themes will or won’t do to your website when you roll them back to a previous version.
THE LONG VERSION
What does this plugin do?
All ww.wp.xz.cn plugins are stored on the ww.wp.xz.cn server and can be downloaded and installed through a system called “SVN“. When and update to a plugin or theme is available to you, ww.wp.xz.cn pings your website to say “Version X.X.X” is available for you to download. When you click “update” you then authorize all those files in your website to be updated based on a version number stored on the SVN repo. For example, you could even try rolling back our plugin to version 1.6, you can see all our history of versions here:
https://plugins.svn.ww.wp.xz.cn/wp-rollback/tags/
The default behavior in WordPress currently is that once you’ve updated a plugin/theme, you can’t roll it back from within the admin. If you have a problem with a plugin/theme update, you can’t easily reverse that update. The only way you can do that is to manually go that that plugins SVN repository and find the previous version and download it via command line or some other SVN tool, because there is no way to download a ZIP of an old version from the SVN repo.
So this plugin makes that manual process something you can do within the interface of WordPress itself – you don’t have to know how to navigate SVN or anything like that.
What this Plugin Doesn’t Do
We cannot know or predict or determine what rolling back any of your plugins/themes will do. Because of that reality we try to educate our users on proper WordPress site maintenance practices, like having daily full-site and database backups and knowing how to restore your site. WP Rollback is not a fullsite backup or database backup tool – it only allows you to rollback (or forward) a plugin/theme version which you could normally do manually when/if needed, but with WP Rollback you can do that directly in the interface
How WP Rollback can help you and your site stay safe
We made WP Rollback because there are too many instances where a plugin/theme update causes breakage to a website, and most WP users don’t know how to access older versions of their plugin.
You can scan all our 5-star reviews and see people saying things like “Lifesaver” or “{X} plugin broke my site, but WP Rollback helped me restore it”. That’s because they didn’t have any other practical options to roll back those plugin/theme updates.
Since we launched WP Rollback, several important improvements to WordPress core have happened
- Restore mode – if a plugin update (or rollback) breaks your site, you can now still access the admin and deactivate that plugin to restore functionality to your website. This wasn’t available when we first launched WP Rollback
- Theme/Plugin Update by ZIP – If a plugin/theme update breaks your site and you reach out to the plugin/theme author and they provide you with an older version of the plugin/theme as a ZIP file, you can now simply use the “Add Plugin”/”Add Theme” functionality to update to that older version of the plugin. This is great in those circumstances, but often free plugin/theme authors aren’t super responsive to requests like this, so again you’d have to navigate SVN yourself to get that old ZIP
Again, WP Rollback is not a site backup solution, nor a database backup solution. We highly recommend that all WordPress users have effective and easy ways to have daily backups and know how to restore their sites. This is just part of owning a WordPress website.
Lastly, WP Rollback is free code licensed under GPL. This means you have rights as a user of this free code, but also responsibilities. When you install any plugin/theme from ww.wp.xz.cn on your website, you become the owner of that code, it belongs to you and it your responsibility.
We stand behind the purpose and functionality of WP Rollback, as do the 200K+ active users, and the 180+ 5-star reviews.
I’m happy to answer any other questions you might have, and wish you a solid and stable and successful WordPress experience.
Forum: Plugins
In reply to: [Force Login] Bypass everywhere with query paramI attempted the following, and I see the cookie present, but it’s not bypassing the login.
/** * Bypass Force Login to allow for exceptions. * * @param bool $bypass Whether to disable Force Login. Default false. * @return bool */ function bypass_cookie( $bypass ) { // Allow URL if query string 'parameter' exists //if ( isset( $_GET['bypass'] ) ) { // $bypass = true; //} // Allow URL where 'value' is equal to query string 'parameter' if ( $_GET['bypass'] == 'yes') { setcookie("BypassCookie", 'yes', time()+3600); //expire in 1 hour $bypass = true; } if(isset($_COOKIE['BypassCookie'])){ $bypass = true; } return $bypass; } add_filter( 'v_forcelogin_bypass', 'bypass_cookie' );Forum: Plugins
In reply to: [Donation Form Block for Stripe] Blocks not savingHi there, I work with GiveWP and I was just experimenting with this block plugin today and experienced something very similar. I was able to get a workaround going by essentially configuring and saving the block once I had every setting changed. My guess is that there’s something off about the default values of the form compared to what’s shown in the block settings and it’s just making it impossible to save the block if you haven’t physically changed every option. Definitely something we need to fix.
I’d also really prefer not to have to wrestle your styles to make this look good out of the box. Some simple CSS snipetts in your FAQ would go a long way.
Forum: Reviews
In reply to: [WP Rollback - Rollback Plugins and Themes] So Easy! Luv WP Rollback!So glad to hear it! Thanks for the great review!
No, WP Rollback only allows you to switch the physical files of the plugin/theme to a different version. It does not take a snapshot of your entire environment or your database like a traditional backup solution.
For that we suggest using Backup Buddy.
Keep in mind that often plugin authors — like WooCommerce — will create new database tables, but the old ones will still be available as well. So if you revert WooCommerce back to a previous version your old values in the old tables might still be present so there’s some things you can still work with in that circumstance. But that’s why it’s vital to have a database backup (via Backup Buddy) so you can easily revert those changes back and forth as well.
Best of luck!