• Resolved livingflame

    (@livingflame)


    This plugin can be Better!

    – More Support for BuddyPress and BbPress (including rtMedia or BP Activity Plus).

    – A Firewall or Compatibility with Wordfence.

    – More Options (compare your plugin with Other: All In One Wp Security And Firewall).

    Necessary functions for BuddyPress:

    – Username protection:
    When you create a site with WP, the username is by default the same as your nicename or nickname; this is a problem. You know about the Author Enumeration Vulnerability: ?author=1, and this problem has a solution, but the other one, username exposure, needs a manual solution. For Admin:

    If you change your nickname in Dashboard / Users, this does NOT change anything inside the database. So you need to go to phpMyAdmin / wp_users and change the nicename there. Bad solution for noobs.

    And for the other users (Editor, Subscriber, etc.), the same problem.

    You can see the username of an author if you right-click on the public name (from a post, or wherever) and choose Inspect (using Chrome).

    For newly registered users I have a PHP function:

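    // Give each newly registered user a nicename/nickname built from the real name instead of the login.
    function set_default_display_name( $user_id ) {
        $user = get_userdata( $user_id );
        if ( ! $user ) {
            return; // unknown user ID
        }
        $name = trim( sprintf( '%s %s', $user->first_name, $user->last_name ) );
        if ( '' === $name ) {
            return; // no first/last name yet: keep the defaults rather than writing an empty nickname
        }
        $nickname = sanitize_user( strtolower( str_replace( ' ', '', $name ) ) );
        $args = array(
            'ID'            => $user_id,
            'display_name'  => $name,
            'nickname'      => $nickname,
            'user_nicename' => $nickname,
        );
        wp_update_user( $args );
    }
    add_action( 'user_register', 'set_default_display_name' );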

    Well, this code automatically changes the nicename or nickname to the name: if the username is wpeditor02 and the name is John Doe, the nickname is johndoe. And in BuddyPress: @johndoe. Problem solved for new users. But for old users, you need to update manually, nickname by nickname (from Dashboard / Users, because it works with this code, but with Keymaster it is another case), very tedious.

    – A Honeypot for Register Form
    Check: https://github.com/pixeljar/BuddyPress-Honeypot

    – Restricted Emails, only accept valid emails

    Function:

    
    add_option('limited_email_domains', array('yahoo.com', 'outlook.com', 'hotmail.com', 'gmail.com'));

    If someone tries to register using an invalid email, they immediately receive a message:

    This email is not valid.

    – Report User Button (Motives: Spam, Explicit Sexual Content, Harassment, False Profile or Identity Theft, Offensive post, comment or message)

    – Ban User:
    There is a plugin named BAN Users, but it is incomplete.
    Your Ban User functions can be more complete:

    . Ban Login
    . Ban Activity (a banned user can’t post for 24 hours, 15 days or whatever. Ban uploading photos if rtMedia is active)
    . Ban Comment (“”)
    . Ban Send Message and Mentions (public message) (” “)
    . Ban Add New Friends

    – Manual Approval for New User

    – Manual Approval for Contents (If rtMedia is active, photos…)

    – Force (New Registered) to use Strong Pass. (Optional: Force user to change pass after 1 month, 2 months… whatever)

    – WP Emails go to Spam Folder (hotmail…),
    Yes, this is a problem if you want a Community with BuddyPress or a Forum with BbPress. Solution: Install the WP Mail Bank plugin, use the PHPMailer config. But iThemeSecurity can include the same function as Mail Bank.

    Sorry for my bad English

    @ithemes
    @mattdanner
    @gerroald
    @chrisjean

    • This topic was modified 7 years, 4 months ago by livingflame.
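
The post notes that the `user_register` hook only covers new accounts and that older ones must be fixed one by one. As an added example (not code from the post or from the plugin), the same derivation can be audited and applied in bulk. It assumes it runs inside a loaded WordPress, for instance through WP-CLI's `wp eval-file`; the `lf_` function names and the `$dry_run` switch are hypothetical.

```php
<?php
// Added example: find existing accounts whose public slug still reveals the
// login name, and optionally replace it with a slug built from the real name.
// Assumption: WordPress is loaded (e.g. `wp eval-file audit-nicenames.php`).

// Users whose user_nicename is still the default derived from user_login.
function lf_find_exposed_users() {
    $exposed = array();
    $users   = get_users( array( 'fields' => array( 'ID', 'user_login', 'user_nicename' ) ) );
    foreach ( $users as $u ) {
        // WordPress builds the default nicename from the first 50 chars of the login.
        if ( $u->user_nicename === sanitize_title( mb_substr( $u->user_login, 0, 50 ) ) ) {
            $exposed[] = $u;
        }
    }
    return $exposed;
}

// Returns the new slug, or null when the account was skipped.
function lf_fix_exposed_user( $user_id, $dry_run = true ) {
    $user = get_userdata( $user_id );
    if ( ! $user ) {
        return null;
    }
    $name = trim( $user->first_name . ' ' . $user->last_name );
    // Same derivation as the post's hook: "John Doe" becomes "johndoe".
    $slug = sanitize_user( strtolower( str_replace( ' ', '', $name ) ), true );
    // Skip accounts without a real name, or whose name would reproduce the login.
    if ( '' === $slug || sanitize_title( $slug ) === sanitize_title( $user->user_login ) ) {
        return null;
    }
    if ( ! $dry_run ) {
        $result = wp_update_user( array(
            'ID'            => $user_id,
            'nickname'      => $slug,
            'user_nicename' => $slug,
        ) );
        if ( is_wp_error( $result ) ) {
            return null;
        }
    }
    return $slug;
}

$dry_run = true; // set to false to write the changes
foreach ( lf_find_exposed_users() as $u ) {
    $new = lf_fix_exposed_user( $u->ID, $dry_run );
    printf( "%d\t%s\t%s\n", $u->ID, $u->user_nicename, null === $new ? '(skipped)' : $new );
}
```

Changing `user_nicename` also changes each affected author archive URL, so review the dry-run output before writing.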
Viewing 1 replies (of 1 total)
  • The topic ‘iTheme Security updates…’ is closed to new replies.