JamesBB
Forum Replies Created
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
THANK YOU for the tip!
The plugin WP-Activity you mentioned should be very useful… BTW I checked the box titled “Check this box to enable XML sitemap functionality.”
Thanks
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
@andersvinther2 and @jan Dembowski
Yes I totally agree with you both and I even myself recommend to anyone around to keep everything updated, not only WordPress but browsers (Firefox, Chrome, etc.) and whatever software.
The case I was referring to was a kinda “closed” CMS without people commenting, not as popular as big sites of course and quite different from the average blog… But anyway I agree, latest is best…
Finally how much do they get every month these guys in Reuters to confess such rubbish: “Security Watch checked the HTML source code and found a line in the header code indicating the page had been generated using version 3.1.1. Mark Jaquith, one of the lead developers of WordPress, confirmed that was the case in an email.”
I mean this is the basic of basic known by any kid and beginners in WP blogging with recommendations published in thousands of posts/articles about WordPress security… “Remove the WP version in header”
And supposed to be Pro guys in a well known company did not do anything about it? I guess they still use “admin” in their login.
Well sorry to say but they deserved to be hacked!
Cheers!
J
You’re welcome!
Hi!
There is a section additional pages saying “Here you can specify files or URLs which should be included in the sitemap, but do not belong to your Blog/WordPress.”
Did you try it?
Cheers!
J
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
@myinternetscout
Yes you are right but there always are new security holes as far as new code is added.
Anyway WP 3.2.1 is a pretty stable and safe version.
When you have a CMS type of site with hundreds of pages + many plugins and tuning, it’s still a pain to upgrade every time there’s a new release and make sure everything works perfect.
Quite a few sites are also in the same situation and don’t really feel to permanently update with all the risks of problems that could pop up. When something runs smooth and you see your stats going up every day with more users and more backlinks, I prefer to let it go for a while even if I don’t have the latest bells and whistles. This is why for some sites I don’t upgrade every time a new release goes out but maybe once a year…
Hopefully most plugins at least support WP3 versions not just the latest WP version that went out a few weeks ago.
Cheers!
J
Thanks bdragich! So for the moment, I will stay with v1.2.5 too…
Seems it is a problem with Ajax but how can the plugin interfere?
Anyone using WP 3.2.1 had problems editing the “Permalink” or using the “Quick Edit” function in the All Posts page?
Thanks!
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
@myinternetscout
A new plugin? But I am on WordPress v3.2.1 and it seems the plugin you are talking about only deals with WP v3.3 or higher.
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
Hi Johan?
Any chances to find out what is going wrong?
Thank you for your time!
Jamy
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
Hi everyone!
Maybe not the exact place to discuss about options etc but subject and plugin are so interesting we might have one day to open a forum somewhere.
Just to say that exclusion of IP can slow down annoyances but I didn’t find this solution very efficient after working on this…
I have several VBulletin forums and it is unfortunately the most attacked forum script on the market especially as one must pay a consequent amount of money to remove their famous “Powered by VBulletin” line.
Displaying their brand acts like a strong call message saying “Try hacking/spamming me!”
Now some VB forums ask users to fill up to 4 different types of Captcha to avoid bots (write what you see, answer a question, calculate this, give the time on the clock)… Woow when shall we need to fill a form with our mobile number then answer to an SMS? Bots really succeeded in bothering others so much…
So during almost 1 year I regularly worked on tracking bots and spams in order to establish an accurate IP ban list for my HTaccess.
I used many tools including the convenient “Who’s online” inside VBulletin which shows like a live stats script who is trying to see/do what and when. I could see (in live!) bots trying to bypass the captcha and trying to login, etc…
Well my conclusion is that although there are of course some regions (Russia, Ukraine, etc) that can be totally banned as too many servers over there are used for hack/spam etc, it is also a tough job to block IPs as bad guys are constantly moving trying to use any weakness in a server and launch their attack from there.
Moreover I don’t see how/where we can report these guys or IPs… I mean already multi-dollar companies with a bunch of lawyers can hardly stop anyone harming them online. So yes it can slow down but…
I do believe the strongest protection right now would be to correct the (recent) failure of “limit login” plugin to be bypassed by some bots.
But yes a Master log would be a cool option and bcwp is right. Who is using admin as username today? Totally unsafe! So what about an “Exclude Admin user” option? (banning immediately any IP using “Admin” in username)… Just an idea!
A big THANKS to Johan for the precious time spent on this GREAT and USEFUL plugin!
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
Hello Johan,
Like dankrosso, I also had another Brute Force Attack last night while using plugin’s latest version (v1.7.1).
I did email you all the elements I have right now in order to help finding out.
Thank you.
R.
Hi there!
I have similar issues with location too.
Seems quite a few cities are not found within the plugin but can be found with a direct request on Accuweather site.
Any idea where to dig?
Thanks.
Hi!
I have the same message with some pics although they are in the same directory/folder with other images already correctly smushed (?)
(I use WP v3.2.1 and WP Smush.it v1.6.0)
THANK YOU!
Forum: Plugins
In reply to: [Limit Login Attempts] SCARY! Limit Login Attempts lockout bypassed?
Hi Johan,
I tried to get more elements about what happened but unfortunately could not get much more…
In the meanwhile I had banned a full range of IP from Russia which I guess hosts a certain number of non protected servers used by bots, etc…
I also increased my lockout time to 120 minutes (after 3 wrong passw)
I was waiting to see if this situation would occur again but did not see anything coming until now.
So right now I’m in standby. If anything happens again I should have more elements and I will install the plugin with some extra checks.
I keep you informed and will drop you an email if anything similar happens again.
THANK YOU very much for your quick answer/concern!
J.