Forum Replies Created

Viewing 15 replies - 1 through 15 (of 35 total)
  • Thread Starter icks13

    (@icks13)

    @wfphil today by checking live traffic I’ve just found out that Wordfence has detected this:

    Croydon, United Kingdom arrived from https://my-site-ip/public/?s=index%2Findex%2Findex and was blocked by firewall for SQL Injection in query string: s=index%2Findex%2Findex at https://my-site-ip/public/?s=index%2Findex%2Findex
    10/31/2019 7:32:20 AM (8 hours 48 mins ago)
    IP: 5.62.43.79 Hostname: r-79-43-62-5.consumer-pool.prcdn.net
    Human/Bot: Human
    Browser: Chrome version 0.0 running on Win10
    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36

    the IP 5.62.43.79 is registered to Avast Software.

    So, isn’t it that Wordfence, when it’s about SQL injection, is generating a lot of false alerts? (literally a lot)

    Because Trend Micro, FireEye and Avast are all involved in cyber security, so perhaps when they check something in the way in which they check it, Wordfence wrongly detects it as SQL injection.

    Thread Starter icks13

    (@icks13)

    @wfphil ok I understand your explanation but then I do not understand the explanation of Trend Micro, which is the customer of Amazon AWS that is constantly getting blocked by Wordfence as an SQL injection attempt.

    Trend Micro stated that it is not a malicious action and that they are simply performing a check on the exact URL used by their customer. (Apparently they are a cyber security business)
    Wordfence is showing this URL https://my-website-server-IP/public/?s=index%2Findex%2Findex and so for me it is difficult to imagine a person who types such a URL, and this makes Trend Micro’s explanation nonsense, at least given my ignorance on this matter.

    Thread Starter icks13

    (@icks13)

    @wfphil as I was saying, the information provided by Wordfence does not please Amazon AWS all the time; once in a while they reply (just received):

    * Complete, accurate timestamps of the activity including:
    – Date
    – Time
    – Time Zone

    * All source IPs
    * Log extracts showing the intensity and duration of the activity

    and other times they ask:
    * Destination IP(s)
    * Destination port(s) and protocol(s)

    also, is Wordfence accurate when it detects an SQL injection, or can it make mistakes?
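
The fields the abuse desk asks for in the post above can be extracted from a Live Traffic entry laid out like the one quoted earlier on this page. This is an added example, not part of the original posts and not Wordfence's own code. The sample entry, its documentation-range addresses, the function name `abuse_report_fields` and the `utc_offset_hours` parameter are assumptions made here.

```python
import re
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit, parse_qs

# Constructed sample in the layout of the Live Traffic entry quoted above
# (documentation-range addresses, not real hosts).
SAMPLE = """\
Croydon, United Kingdom arrived from https://198.51.100.10/public/?s=index%2Findex%2Findex and was blocked by firewall for SQL Injection in query string: s=index%2Findex%2Findex at https://198.51.100.10/public/?s=index%2Findex%2Findex
10/31/2019 7:32:20 AM (8 hours 48 mins ago)
IP: 203.0.113.7 Hostname: host.example.net
"""

def abuse_report_fields(entry, utc_offset_hours):
    """Extract the fields an abuse desk asks for from one Live Traffic entry.

    utc_offset_hours is an assumption the caller must supply: the entry shows
    local time with no zone, so the site's UTC offset has to be stated.
    """
    ts = re.search(r"^\s*(\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)", entry, re.M)
    src = re.search(r"^\s*IP: (\S+)", entry, re.M)
    url = re.search(r" at (https?://\S+)", entry)
    reason = re.search(r"blocked by firewall for (.+?) at https?://", entry)
    if not (ts and src and url):
        raise ValueError("entry is missing timestamp, source IP or URL")
    local = datetime.strptime(ts.group(1), "%m/%d/%Y %I:%M:%S %p")
    local = local.replace(tzinfo=timezone(timedelta(hours=utc_offset_hours)))
    parts = urlsplit(url.group(1))
    # No explicit port in the URL means the scheme default was used.
    port = parts.port or (443 if parts.scheme == "https" else 80)
    return {
        "timestamp_local": local.isoformat(),
        "timestamp_utc": local.astimezone(timezone.utc).isoformat(),
        "source_ip": src.group(1),
        "destination_host": parts.hostname,
        "destination_port": port,
        "protocol": "TCP/" + parts.scheme.upper(),
        "decoded_query": parse_qs(parts.query),  # what the WAF rule matched on
        "waf_reason": reason.group(1) if reason else None,
    }

if __name__ == "__main__":
    for key, value in abuse_report_fields(SAMPLE, utc_offset_hours=1).items():
        print(f"{key}: {value}")
```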

    Thread Starter icks13

    (@icks13)

    @panascanic thank you! I’m not a tech guy but I’ll ask a friend of mine to have a view.

    However what about the capability of Wordfence to correctly detect an SQL Injection? Do you know if it is what it is, or can Wordfence interpret one thing for another and so give wrong information? ty

    Thread Starter icks13

    (@icks13)

    “Two of their clients answered back this” refers to Amazon AWS. When you report to Amazon AWS they take your report and send it to the company that is using their server, the company answers back and they tell you what the company has said.

    I think what you are trying to say is that you are giving other people’s unsatisfactory experience of trying to report abuse to AWS.

    No, what I’m trying to say is that Wordfence reports SQL injection from Amazon AWS, while Amazon AWS reports their customers’ replies (two of them so far) saying that basically it is not an SQL injection, putting me in the situation of not understanding whether Wordfence wrongly reports SQL Injection or not.

    For the things that AWS support want to see then you can send them screenshots from your Wordfence Live Traffic page feed

    No, I cannot, because like I’ve said, that is what I was doing until at some point Amazon AWS replied that such data were not enough and wanted the things listed above.

    @goldendust20 I had the same problem also with my images uploaded in WooCommerce. Just found the solution. You can solve it by enabling the lazyload function. Tested with Smush and also with WP Rocket, I guess it will work with any other plugin providing this function.

    Thread Starter icks13

    (@icks13)

    Do not ask me how, I leave this question for you geeks @braehler @serafinnyc, but by enabling “LazyLoad” the problem is solved and GTMetrix gives a 100% in Serving Scaled Images.

    Thread Starter icks13

    (@icks13)

    If anyone has solved this problem and can help me using words understandable for a non-dev user, feel free to reply, ty!

    Thread Starter icks13

    (@icks13)

    @serafinnyc
    yeah, but when you give me this link https://imgur.com/kQDxVr1 and in the original message I wrote that there the sizes are 1000px and 600px, and in GTmetrix the original uploaded images with size 2048 are scaled at 263 and those uploaded at 800 are scaled at 228, that link on imgur does not help to understand what I should actually change and what size to use, as well as the code suggested by @braehler

    If I upload images with 263px, then GTmetrix will probably not detect a scaling problem, but those 263px images are the images displayed in the product page, which currently are 600px, so at that point I will have 263px product images, or possibly resized at 600 but blurred, dunno.

    GTmetrix suggests this: https://gtmetrix.com/blog/how-to-optimize-images-a-practical-guide/

    which I’ve tried and then I’ve uploaded the 2048px image resized at 685px, but it didn’t work because GTmetrix found that also that one was scaled, this time at a different size than 263

    Thread Starter icks13

    (@icks13)

    @serafinnyc

    that part is not related with the images displayed in the shop page as explained previously here:

    That 263×263 is the size of the product thumbnails displayed in my browser when I click on the shop page.
    However the real size of these thumbnails is 600×600 because when you right click on it “open image in another tab”, you get a picture sized 600×600 which is the default size of WooCommerce that you can get in Customizing -> WooCommerce -> Product Images

    ergo, changing the default sizes in Customizing -> WooCommerce -> Product Images will make no difference, and in fact it doesn’t. I’ve uploaded product pictures of 1000×1000 and they end up being scaled anyway, also those at 800×800 are scaled to 263×263.

    The images in the shop page seem to be scaled to fit the screen size, I guess

    @braehler thank you but that is the developer part I was mentioning at the beginning and really it’s not for me :D

    Thread Starter icks13

    (@icks13)

    @braehler I do not think it is the same, none of these sizes match the ones displayed in the shop page. Shop page and certain images in the project pages are scaled as 263×263 from 2048 or 228×228 from 640

    In the media settings I see:

    Thumbnail size Width 150
    Thumbnail size Height 150

    Medium size Max Width 300
    Medium size Max Height 300

    Large size Max Width 1024
    Large size Max Height 1024

    Thread Starter icks13

    (@icks13)

    I get it, but I don’t understand if it is mandatory or if I can use PayPal Express Checkout instead of PayPal Plus

    Thread Starter icks13

    (@icks13)

    in relation to this:

    There is also the problem connected with my last update and related to this screenshot https://ibb.co/js8gxo where even if the guest checkout is enabled, customer is forced to create a PayPal account

    the above part is solved but I have to say that your guide seems based on the following principle:

    “as soon as the user leaves the plugin to interact with PayPal I will not provide further explanation in the guide”

    also I think you should consider that while you are based in the USA this plugin is used everywhere around the world and some stuff may not match, for example I have no clue where this “website references” is, indicated on mouse over close to the checkbox that allows customers to use guest checkout. PayPal account sandbox? PayPal account used to receive the payments? well, for sure it is not in the PayPal account I use to receive payments.

    It remains to understand why the API username remains the same with @gmail at the end.

    Thanks

    Thread Starter icks13

    (@icks13)

    Hello Oliver,

    thank you for your reply.

    Well I’m confused ’cause I’m missing information, I don’t know how I did it the first time ’cause I remember it was super fast.

    – When you say “in your PayPal business account” do you mean the business account created within the sandbox?

    Ok, then I will choose NVP/SOAP API, I can get there by clicking on the link in your plugin:
    https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-api-run

    The problem is that it shows me this:

    https://prnt.sc/jtu13g

    the API username and signature are OLD. They belong to the old email address we have used to register our PayPal account, now we have a new primary address.
    In a previous thread here, you have said to use the new email address to get the API details.

    Apparently I can’t, because like I’ve previously said, I’ve clicked on remove many times, but these API details are not removed, they are always there and I’m sure, because the old email was ending with @gmail.com and that API username is still ending with gmail.com instead of with our store domain, and it does not matter if I remove and then I select NVP/SOAP API integration (Classic), the signature will change but the API username will remain the old one.

    There is also the problem connected with my last update and related to this screenshot https://ibb.co/js8gxo where even if the guest checkout is enabled, the customer is forced to create a PayPal account

    ty

    Thread Starter icks13

    (@icks13)

    Ok, I have some problems with sandbox too. I can’t do an Express Checkout Payment without having a PayPal account, I mean I can’t even test it, actually.

    I think that the reason this time is that when I created the sandbox account I specified Germany as country of the business (sucking choice since I live here but I do not speak German -_-)

    I wanted to test a payment like the other times using a fake customer profile I’ve registered with my personal hotmail address, unfortunately, even if the checkout is marked to allow guests, it’s not working, it is forcing the login into a PayPal account.

    https://ibb.co/js8gxo
