Arp Laszlo

I had to restore a backup and start over and have not enabled captcha again. This is also a WooCommerce site, which may explain the front end issue. I do have caching on the site, what would you suggest for whitelisting things to be able to use captcha? Or can I get by without captcha and just leave the ‘I’m a human’ checkbox?

Adding a file called ‘forceOff’ in /plugins/wp-simple-firewall does not work (and I did load a site page first before trying to login).

Hiding the plugin folder lets me log into the site but un-hiding it logs me out & says I need to login to create a Shield Session.

So I’m not sure how to proceed, aside from deleting the plugin, deleting its database table, and starting over.

It’s subscriber currently but I edited that in the database last night. It should not have been set to administrator, and only two people had administrative access to the site. I’ll have to wait & see if it happens again to see if this was the issue or not.

But you don’t have anything like Sendgrid support built in?

So how long have you known about this issue? Did you try to notify users?

Thanks for clarifying. You may want to note this in your documentation as there is no indication that it is a premium feature. It’s quite misleading.

Scratch that, it was my fault. They are being sent.

I forgot – the issue also deletes Content Templates in the Toolset plugin settings. The whole thing is messed up.

Ours is specific to site owners who delete users from the RM settings. The role doesn’t matter, as it’s happened to people who have a custom role as well as administrator.

Will do, thank you.

The log notes a lot of messages with:

Subject: [Our Website Name] Email Changed
Sent To: (blank)
Status: No recipient forward path has been supplied

The ‘View’ is what I copied in my first post, and the session transcript does not say anything that implies a specific plugin as a source.

We do not. Would that be a potential source or something we can use to troubleshoot?

Yep.

Oh ok. Thanks a lot for mentioning it, much appreciated. What I found on my site was an admin user with the email address ‘[email protected]’ and scripts that were redirecting content links (but not nav links) to various pop ups & pop unders.

What as the redirect in your htaccess going to?

I did, there’s nothing out of the ordinary in it. Besides your plugin, are the other symptoms the fake Yandex admin user and an edited htaccess file?