ambujgarg

Hi – Problem was resolved with the prompt help of the plugin author Jeff. Thanks a lot.

Hi Eli – Thanks for following up. Please find updates below:

1. I excluded the test staging site and deleted the backups, which reduced scanning time by 1 hour from 2 hour 50 min last time to 1 hour 50 minutes now. But my site is more heavy than an average WP site and there are lot of plugins installed out of which only few are activated at any time. But they are all checked by the Anti-Malware, so that might account for the longer time. To give an idea, your plugin was continuously checking different files and scanned over 3300 folders, taking an average of 2 seconds to scan each folder. Not sure how does it compare with average scan time per folder elsewhere. Is it normal, or can it still be faster? I really don’t know.

2. The false positive .htacess threat and the PHP notice for GOTMLS which happened immediately after the cron job, are gone now, thanks to your quick updates.

3. Now, there is a new PHP notice for GOTMLS which comes up immediately after I start the complete scan with GOTMLS (again not sure whether it is a cause of concern or not):

Undefined offset: 1
Type: PHP Notice Line: 938
File: /home/wwwfin5/public_html/wp-content/plugins/gotmls/images/index.php

This relates to the GOTMLS code: $GOTMLS_dir_at_depth[$current_depth]++;

4. Right at the time, the complete scan of GOTMLS plugin is about to end, it starts rescanning a few folders again, and then upon completion, it gives a read/write error for the “BackWpUp” plugin saying it could not read one specific folder within it. I can’t give you the exact sub-folder name, as the screen has got refreshed, and I don’t know if there is any way to keep track of the errors GOTMLS found during scanning.

5.Your plugin is already very good and I have already rated it 5*, Couple of suggestions for improving it further if they can be implemented:

a) The GOTMLS scanning logs and errors/threats should be stored somewhere where we can easily access them at any time, and take action later if not sure immediately.

b) Automatic scheduling feature of GOTMLS scans on a weekly basis can be included in the future updates (it can be a part of the donation or paid package).

Request you to kindly revert on the above points. Thanks again for the help,

Best,
Ambuj

Thanks for clarifying.

Thanks. Understood ??

Thank for the clarification.

Thanks for the guidance. Appreciate it.

Hey Jeff – The URLs not working are with BBQ activated are:

https://www.[my-sitename].com/wp-admin/admin.php?page=backwpupbackups&ip-geo-block-auth-nonce=9835382ee5#TB_inline?height=440&inlineId=tb-download-file&width=640&height=412

https://www.[my-sitename].com/wp-admin/admin.php?page=backwpupbackups&action=delete&jobdest-top=2_DROPBOX&paged=1&backupfiles%5B0%5D=%2%5Bsitename%5D%2F2018-08-06_11-01-59_VKYVVZL302.tar.gz&_wpnonce=94e9beec6f

Please let me know if you can help. I use ip-geo-block plugin also. Thanks.

Hi – I had a similar problem. Narrowed it down to a plugin conflict with BBQ firewall plugin. Try deactivating all security plugins, and then try manual download again. If resolved, activate them one by one to figure out the conflicting plugin. May be it can help.

Thanks. Will figure out the URL involved and let you know as suggested.

Regards,
Ambuj

Hi again – I have received the below response from the BBQ plugin author, and need your help to figure out the corresponding URL of Backwpup plugin getting blocked:

BBQ Plugin Author Response – “Yeah whenever a URL is blocked, it means that it contains some character or string that is blocked in the BBQ firewall. In order to resolve the issue, we need the actual URL which is blocked. The best way to get that information is to examine the code directly (via Chrome Inspector for example). If that is not possible, hopefully the plugin developers will know. Once you know the involved URL that was blocked (when you try to delete or whatever), then let me know. I should then be able to provide a solution for you.”

Request you to help identify the relevant URL, so that I can resolve it with BBQ.

Thanks,

Hi – An update – the above issue seems to be due to a conflict with BBQ firewall plugin. If BBQ is deactivated, the manual download/delete works normally again. Please let me know if you have some suggestions to resolve this conflict without disabling either one.

Thanks,

Hi Jeff – This is a separate BBQ issue (not related to PHP 7 compatibility), not sure if I should create a new support thread for this one, so posting it right here.

Along with BBQ, I also have a backup plugin BackWpUp activated on my site. Now, there is a conflict among these 2 plugins. When both BBQ and BackWpUp are activated, and I try to delete or download my BackWpUp backups manually from the admin account, I get the following message:

Access to https://www.[mysitename].com was denied
You don’t have authorization to view this page.
HTTP ERROR 403

As soon as I deactivate BBQ on my site, I am able to manually delete and download my Backwpup backups from the admin account. Just to clarify, I am able to create new backups, schedule automated backups, etc., just not able to delete or download them manually. There are no settings in BBQ to be checked, and I have cross-checked the settings of BackWpUp plugin several times. Have not been able to resolve the conflict.

Also, posted a support thread in the BackWpUp plugin forum, as I am not sure of the reason of this conflict. But it seems like firewall settings in BBQ may be a little too tight, and somehow restricting my admin authorization.

Request you to please check at your end and revert. Thanks again for your support.

Best,
Ambuj

Thanks for the prompt response and clarification. I have installed your plugins BBQ and Blackhole for Bad Bots along with other security and firewall plugins as well as CDN for multiple layers of security. I don’t receive any messages about bad bots, etc. to say for sure about the efficacy of each one, but my site continues to remain secure and safe, so I believe that all of them are silently doing their job very well behind the scenes.

Cheers,

Thanks. Thats helpful.

Thanks for your prompt response. One more question – in the free version, can we set the site to be under maintenance/construction for all logged out and logged in users (except admin), so that only administrator role can access the site, while no one else can.

Please confirm the above.