IvanRF

• The Hackers Diet | A WordPress weight loss plugin
• Downloads | Rob Lester Jr

• Download – Stepan Jirka

• This reply was modified 7 years, 8 months ago by IvanRF.

Also, to clarify, the 403 Forbidden error is thrown by the captcha plugin? or your plugin only outputs a page response? (and thus the forbidden response maybe come from Wordfence)

Update: I think I found my answer on js/front_end_script.js lines 65-66 (you should throw only one alert() with xhr.status + ' ' + thrownError).

• This reply was modified 7 years, 10 months ago by IvanRF.

Thanks for the reply.

I downgraded the version of W3 Total Cache to 0.9.5.1, and now your plugin works fine (as it used to).

I think you should make some tests running the Captcha plugin and the latest W3 Total Cache 0.9.5.2. What I found with that version is that when you “Purge All Caches” the Captcha works fine, but after 24 hours the 403 Forbidden error is thrown when trying to refresh the captcha.

Let me know if you need more info.

@kilgore thanks! ??

By deleting 3 files from W3TC in the \wp-content folder I was able to get the admin back (advanced-cache.php, db.php, object-cache.php).

No need to remove the W3TC folder. Also, to recreate those files again I deactivate and activate W3TC from the plugins section.

• This reply was modified 7 years, 10 months ago by IvanRF.
• This reply was modified 7 years, 10 months ago by IvanRF.
• This reply was modified 7 years, 10 months ago by IvanRF.

Thanks! after several days I can confirm that with Object Cache disabled it works fine.

I use W3TC. I tested deactivating the Minify function, but it didn’t work. Could it be Object caching or Database caching? or your plugin will never work with W3TC?

Replying to myself, I disabled the Object Cache and the captcha seems to be working fine by now.

You should add a note somewhere (maybe after plugin activation) for users with W3TC installed letting us know that Captcha by BestWebSoft is not compatible with Object Cache.

• This reply was modified 8 years, 2 months ago by IvanRF.

Taking a look at the code, I see on function cptch_display_captcha that you read key and time from a database option get_option( 'cptch_options' ). Since you add that option by using update_option(), the add_option() is called using $autoload = 'yes'.

There is a related question here.

On cptch_generate_key(), saving values on a new not autoloading option might be the solution. Your current code:

...
$cptch_options['str_key']['key']  = md5( $str_key );
$cptch_options['str_key']['time'] = time();
update_option( 'cptch_options', $cptch_options );

• This reply was modified 8 years, 2 months ago by IvanRF.
• This reply was modified 8 years, 2 months ago by IvanRF.

Please try to deactivate your caching plugin and check how captcha works. The case is, when you use some caching plugins, the page with captcha is downloaded from the cache, and accordingly, new answer is never the same as the old question. That’s why this problem occurs.

I’m having this same issue and that answer is not really helpful. Deactivating a caching plugin in a site with thousands of entries is not an option.

Could you be more specific about which function of a caching plugin causes this?

I use W3TC. I tested deactivating the Minify function, but it didn’t work. Could it be Object caching or Database caching? or your plugin will never work with W3TC?

Developers of the other plugin came to the conclusion that is a problem on your end (single quotes).

You can read their analysis here.

The issue you had with WP-SpamShield was a configuration issue on your site, not false positives.

The place to discuss about your plugin is here.

The aim of this thread is to know what Wordfence does against this kind of attacks.

Every spam comment goes to the DB and has to be processed by WP. A high flow of spam comments could easily cause a DoS on a site. So, I want to know if Wordfence is going to support this or is already a Pro feature.

Numbers:

• 989 SPAM and 1 HAM classified by the plugin in 4 days
• from the 989 SPAM, 31 were HAM
• thus, 31 False Positives

Now, I saw how my site was blocking comments with Javascript/Cookies messages.

I do believe what you claim about your algorithm, since there are lots of good reviews for the plugin. However, you can’t ignore the facts that I’m presenting and try to work on a solution at least.

To start with, make a test environment and install W3 Total Cache with Object and Database caching enabled. I also have Page Cache, Minify and Browser Cache enabled in the plugin.

I was receiving a constant flow of spam to the site, so I’m pretty sure that caching is the one to blame here. I don’t have time to make a full test on this, but you should.

First, I should clarify something. I do know what a False Positive is. Here you can find an essay about SMS Spam Filtering I did years ago.

It’s funny that you marked this issue as “resolved” when it’s not, and you told me to give you the chance to give support. Well, here I am.

From what I can tell, you submitted your support request after posting the negative rating.

No, that was not the order, WP shows the date for my first review. The day I installed this plugin I give you 5 stars, since you solved my issue at the moment. That’s why I wrote “Update:”.

We offer outstanding support. You should give us a chance to help you.

You’re right, it was an impulse after spending too much time doing the classification algorithm job manually. That is, going over 1000 comments in search of HAM messages.

What you’re describing is not a false positive.

Yes, it is. HAM messages marked as SPAM is a False Positive.

When developers spend so much time developing free plugins for the WordPress community, is it really ok to post a 1-star review without making any reasonable effort to receive support?

Again, you’re right. I’m moving to 3-stars as a middle ground, but I can’t lie to community users either. What happened in my case it’s a fact, needs a fix, you need to understand my point too.

If you have an issue with something, submit a support request first, and give the author time to respond.

As I said, I did 5-star review first. Currently in WP there is no way to delete a review or put it on hold.