bios4
Forum Replies Created
-
Hi Aert,
thanks for your reply.
It is the cookie set by the “All In One WP Security & Firewall“-plugin, containing the information for the “rename login page URL” feature.
This means as soon as the cookie is deleted, the login status of the user is gone, too. If this is not “functional”, what else is? ??
The feature is described on their site as follows:
“Ability to hide admin login page. Rename your WordPress login page URL so that bots and hackers cannot access your real WordPress login URL. This feature allows you to change the default login page (wp-login.php) to something you configure.”So the “name” of the cookie is highly customizable, because it reflects the “secret login page URL slug” the user selects. Thus I assume it will as good as never be recognized by the cookiedatabase.org API
I hope that helps!??
Additional info:
-
I defined a (fictitious) “service” and assigned the cookie in question to it.
- The “purpose” of the cookie in question is set to “functional”.
- All parts of the Complianz-UI tell me that everything “should be fine” (meaning all cookies, services, etc. are marked with the green check sign).
And one more question:
Is it necessarily required that “show cookie in cookie policy” is checked for all functional cookies?
Because it seems that the plugin does not properly work also when this checkmark is disabled for (a) certain cookie(s)…The issue affects all pages, where a date range can be selected. It seems that this is caused by an erroneous usage of esc_url() in the function which generates the date range selection links.
I did not recognize from the headline that your post deals with the same issue, so I opened a similar post here…
Forum: Plugins
In reply to: [Antispam Bee] Fehler: Bitte gib einen Kommentar einHallo @zodiac1978,
Habe mit Version 2.7.1 das selbe Problem wie @99deeplack und war sehr froh, hier eine vermeintliche L?sung gefunden zu haben…
ALLERDINGS: ich sehe keinen Unterschied auf Code-Ebene zw. der Version 2.7.1 aus dem Plugin-Repository hier und der Master-Version von Github!???
Woran k?nnte es also liegen, dass ich das Problem “Bitte gib einen Kommentar ein” auch mit Version 2.7.1 noch immer habe?
Freue mich über Antworten…
Danke,
MikeForum: Plugins
In reply to: [Comments - wpDiscuz] Blank warning boxGood point – I also would like to know which condition makes this box visible in that case.
Please explain!
- This reply was modified 7 years, 10 months ago by bios4.
Forum: Plugins
In reply to: [Maintenance] New TinyMCE field for “description” strips formatting!?Great to hear – I’m looking forward to testing the new version.
I will mark this issue as resolved as soon as it turns out that everything works as expected…Merry Christmas to all!
Thanks,
Mike- This reply was modified 7 years, 11 months ago by bios4.
Hi ?eslav,
thanks for your reply.
I was not expecting a fix (soon), especially an “easy one”.
But I wanted to hear back from you and what your options are on that issue.I see (and did already) that one can clean up the code on .htaccess-level, so I am fine for the time being.
Maybe one of the other developers is interested in diving into that issue, so that (maybe) there can be a fix in any future version.
Thanks for your time and Merry Christmas!
Mike
Hi,
any follow-ups on this?
Forum: Plugins
In reply to: [Comments - wpDiscuz] Error messages in comment form not showingHi,
I’d like to chime in on this statement
wpDiscuz uses browser validation messages
Can these validation messages be overwritten somehow?
My page uses the “personal” form of address (the German “du”) instead of the professional form (“Sie”) throughout the whole page, but the “Please fill the required field”-message (which come from the browser, as I learned? ^^) uses the professional form.
It would be great if you could put the validation messages also to the “Phrases” section of the plugin to be freely translated.
What do you think?
Thanks,
MikeP.S.: currently using plugin version 4.0.2
Forum: Plugins
In reply to: [Comments - wpDiscuz] Move Form under Comments+1 from me regarding this suggestion!
Having the comment field above all the comments does not make much sense, especially when having the sort order set to “old comments first”, as one would have to scroll to the very bottom of all comments and scoll back up to leave a new reply.
@aghasi @gVecors Team: do you think we can have that functionality soon?
If it is not planned to be available short-term: do you have suggestions how I could make this happen on my own? I’m used to PHP/CSS etc., but I need a hint where to look and start at… ??
Thanks,
MikeP.S.: currently using plugin version 4.0.2
?eslav,
I got a response from my hosting provider in the meantime.
They confirmed that a “mixed syntax” for Apache < 2.3 AND Apache 2.3+, as it is written to .htaccess by the plugin currently, does NOT WORK with the
mod_access_compat-module enabled!The module provides the possibility to use EITHER old OR new syntax, but NOT both in one .htaccess file AT THE SAME TIME…
Which leads me to the next issues: knowing that, it is not anymore affecting only the blocking of IPs with the blacklist manager, but also ALL OTHER features where the “either/or”-syntax is used!!!
– WordPress file security (license.txt, readme.txt, wp-config.php)
– .htaccess file security
– 6G firewall (bad_bot)
– XMLRPC-securtyThis seems to be quite some impact to me.
Any ideas?Thanks,
Mike- This reply was modified 7 years, 11 months ago by bios4.
Just to make sure:
_e('Log into your site's WordPress administration panel to see the duration of the lockout or to unlock the user.','all-in-one-wp-security-and-firewall');This ^^ would result in a non-translatable string!
If you’re using single apostrophes in the sentence to be translated, you have to wrap it in double quotes:
_e("Log into your site's WordPress administration panel to see the duration of the lockout or to unlock the user.",'all-in-one-wp-security-and-firewall');- This reply was modified 7 years, 11 months ago by bios4.
Hi ?eslav,
thanks for investigating this issue!
I can reproduce your problem only when I enable some other firewall features in addition to blacklist manager
This sounds reasonable, as I have almost all other firewall features enabled, too:
– Basic firewall
– XMLRPC (blocking all access)
– Debug file security
– Extended firewall (all features)
– 6G firewall
– Bot security
– Hotlink prevention
– 404I will ask my hosting provider if there is a specific reason for them to have the
mod_access_compat-module enabled or if it can be disabled for my hosting package without any further downsides.Is there anything you could do on development side to make the plugin properly work also for such configurations?
Is there maybe a chance to find out on code-level which version of Apache is running, and deciding based on the outcome of this check whether to apply the old or the new syntax?
Or would the fact that
mod_access_compatis enabled also hinder the .htaccess from working properly even if there is only EITHER/OR of the code available?Thanks a lot for your efforts!
[EDIT]: by the way – all other features seem to work flawlessly as far as I can say…
That’s ^^ what I thought, too.
But blocking of my own IP worked only without the
<IfModule...>sections, and only with the older syntax of Apache < 2.3.And yes –
mod_access_compatis also listed in the “Loaded Modules” section…- This reply was modified 7 years, 11 months ago by bios4.
OK – I had time for some tests unexpectedly…
Outcome:
- all
Order allow,deny–Deny from <IP-address>variants are working - all
Require not ip <IP-address>–Require all grantedvariants are NOT working mod_authz_coreis listed in the “Loaded Modules” section of phpinfo()
Any idea?
[EDIT]:
The<IfModule...>-directives seem to fail ^^I couldn’t find out the exact Apache version by checking phpinfo(), BUT
mod_authz_coreIS listed in the “apache2handler” > “Loaded Modules” section.I will check the functionality by blocking my own IP as soon as I find time for it…
Thanks for now!