Again BuddyPress

  • Resolved livingflame

    (@livingflame)


    7 years, 4 months ago

    This plugin can be Better! But please, includes:

    – More Support for BuddyPress and BbPress (including rtMedia or BP Activity Plus).

    – Compatibility with Wordfence.

    – More Options (compare your plugin with Other: iTheme Security).

    And remember, some functions or options AIOS does not work with BP, for now.
    Captcha, etc.

    Necesary functions for BuddyPress:

    – Username protection:
    When you create a Site with WP, the same username is by default your nicename or nickname, this is a problem. You know about Author Enumeration Vulnerability: ?author=1, and this problem has solution, but, the other: username expose, needs manual solution: For Admin:

    If you change your nickname in Dashboard / Users this NOT change nothing inside DataBase. So, you need to go: Phpmyadmin / wp_users and change the nicename here. Bad solution for noobs.

    And for the others users: Editor, Suscriber, etc. The same problem.

    You can see the username of an author if you do right click on the public name (from a post, or wherever), and Inspect (using Chrome).

    For new registered I have a function php:

    function set_default_display_name( $user_id ) {
$user = get_userdata( $user_id );
$name = sprintf( '%s %s', $user->first_name, $user->last_name );
$nickname = sanitize_user( strtolower( str_replace( ' ', '', $name ) ) );
$args = array(
'ID' => $user_id,
'display_name' => $name,
'nickname' => $nickname,
'user_nicename' => $nickname
);
wp_update_user( $args );
}
add_action( 'user_register', 'set_default_display_name' );

    Well, this code change automatically the nicename or nickname for the name: If the username is wpeditor02 and the name is John Doe, so the nickname is johndoe. And in BuddyPress: @johndoe. Problem solved for new users. But, for old users, you need to Update manually nickname by nickname (from Dashboard / Users, because with this code works, but with Keymaster is other case), very tedious.

    – A Honeypot for Register Form
    Check: https://github.com/pixeljar/BuddyPress-Honeypot

    – Restricted Emails, only acept valid emails

    Function:

    add_option('limited_email_domains', array('yahoo.com', 'outlook.com', 'hotmail.com', 'gmail.com'));

    If someone tries to register using an invalid email, they immediately receive a message:

    This email is not valid.

    – Report User Button (Motives: Spam, Explicit Sexual Content, Harassment, False Profile or Identity Theft, Ofensive post, comment or message)

    – Ban User:
    There is a plugin named BAN Users, but is incomplete.
    Your Ban User functions can be more complete:

    . Ban Login
    . Ban Activity (a banned user can’t posts for 24 hours, 15 days or whatever. Ban upload photos if rtMedia is actived)
    . Ban Comment (“”)
    . Ban Send Message and Mentions (public message) (” “)
    . Ban Add New Friends

    – Manual Approval for New User

    – Manual Approval for Contents (If rtMedia is active, photos…)

    – Force (New Registered) to use Strong Pass. (Optional: Force user to change pass after 1 month, 2 months… whatever)

    – WP Emails go to Spam Folder (hotmail…),
    Yes, this is a problem if you wants a Community with BuddyPress or a Forum with BbPress. Solution: Install WP Mail Bank plugin, use PHPMailer config. But, All In One can to includes the same function of Mail Bank.

    CHECK MY COMPILATION OF SECURITY AND SPEED. htaccess and functions.php
    GOOGLE DOCS LINK.

    Sorry for my bad english ??

    @chesio
    @mbrsolution
    @wpsolutions
    @tips-and-tricks-hq

    • This topic was modified 7 years, 4 months ago by livingflame.
Viewing 1 replies (of 1 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Hi, thank you for reporting this. The plugin developers will investigate further your request.

    Kind regards

Viewing 1 replies (of 1 total)
  • The topic ‘Again BuddyPress’ is closed to new replies.

Tags