Josefus Flavius

dwinden

JF here, from the other thread on Captcha… ??

This might explain why I’ve been banned from my main domain and from one subdomain on my shared server. Here’s the exact language of the banning on the screen:

Your IP address was temporarily banned. [VERY LARGE SIZE FONT]

You may have been banned for one of the following reasons:

Failing to log into wordpress (wp-login) 10 times in 5 minutes (30 minute ban)
POSTING to xmlrpc.php more than once in 60 seconds (2 hour ban)

If you have a legitimate use for either of these cases please contact support.

Is this what a network-based ban announcement look like?

I’ve been at it with my host now for 2 days… blaming their server code for it… Perhaps I was wrong on the cause…

Could you please confirm that this is the language of the iTheme plugin?

Also, now that I’ve followed your explanation and disabled the Network protection on this, how long would it take for my IP address to be removed from the ‘blacklist’? It’s actually affecting my main domain, site (main account on the Apache shared-server, onto which I don’t believe I have installed the iTheme security… and one of my subdomains. (The explanation of the bad login attempts has to do with a series of hacking attempts, a couple successful, over the weekend, which provided the reason to install iTheme…)

Again, many thanks!
JF

dwinden

On the uncertainty of the importance of Suspicious Query Strings element, and on cache vs. uncached: my sentiments exactly.

I will include the relevant bits of this discussion in the iTheme bug report.

Many thanks for your help!
JF

Dwinden,

Many thanks for your detailed reply and offer — very much appreciated!

Although I can follow your instructions and carry out the necessary steps, for each of the sites, it would be way-too much for the purpose.

I think I’m going to disable the captcha feature of Contact Form 7 and disable the Captcha plugin, then see whether Akismet provides sufficient protection. In the long run, I might switch to Jetpack and that plugin doesn’t work with Captcha either.

I’m curious about the following: when logged into the sites (running uncached), the Captcha text renews just fine. It’s only when cached — which is how all readers except for me are served — that this blocking (or conflict) takes effect and interfere with the Captcha text string. I’m using W3 Total Cache which has worked perfectly for me on several sites, and I’m definitely staying with it. Does this one detail about cached vs. non-cached pages generate any reaction or ideas on how to approach this issue?

Thanks again for your help!
JF

Thanks, dwinden!

I did the test part: I commented out the original with the following:

RewriteCond %{QUERY_STRING} ^.*(concat|insert|union|declare).* [NC]

and the Captcha is now working on the site I tested the change.

I don’t understand these codes nearly enough to appreciate what they are designed to do, so please bear with me… Here are my questions:

Should I just leave this line (and remove the original) because it works or should I enter the other 3 lines you included in the example:

RewriteCond %{QUERY_STRING} ^.*(request).* [NC]
RewriteCond %{QUERY_STRING} !^(_wpcf7_request).* [NC]
RewriteRule ^(.*)$ – [F]

Obviously, I don’t understand the diff between doing one or the other… ??

Would either solution stay intact when the plugin is updated?

Thank you again!
JF

Thanks again, mbrsolution!

Thanks for your reply, mbrsolution.

I no longer use HyperCache: I waited for the developer’s reply to this inquiry (also posted on his website) for a couple of weeks, but could wait no more. I now use W3 Total Cache and the problems cited above are all gone. I trust this had to do with HyperCache not being updated.

And, while I did enjoy HyperCache very much, I’m now getting even faster page loading under W3TC. W3TC involves many more settings, but there’s information available on how to configure it, and once you get it right, you can save and export the settings so you don’t need to repeat the process on multiple websites. I’m very, very pleased with it.

JF

I uploaded a fresh copy of the plugin and was then able to access the page and correct the link pointing to the old server. Problem solved.

Thank you!!!

Thanks!

Same as all of the above…

Hopefully Rob Felty will update the plugin. If so, please reply to this item so we can be notified.

Many Thanks!
JF

I’m very interested in using this on WP 4.0. I hope you update. Would greatly appreciate your reply so I can be notified of the update.

THANKS!
JF

@tanaylakhani

I’m looking at the ReadyGraph-app page and there’s nothing on top-right corner, no drop down… Or is this because I didn’t click on the Connect ReadyGraph button (which I’m not going to do, obviously)?

If you guys want to keep those of us who are not interested in using ReadyGraph, you should make the ReadyGraph removal process entirely easy and simple. The moment you make us feel we must share with you our mailing lists… well, we’ll be out the door faster than you know.

So, is there a way do to remove ReadyGraph without first connecting to it?

Thank you,
JF

@tanaylakhani

Thanks for your reply. As I indicated earlier (above) I installed ver. 10.13 but couldn’t find just where you put this “option” (which I read about in the version change report.

Please tell me exactly where to find the function/buttons that delete these files.

Thank you,
JF

Thank you again, Matt!

Is version 10.1 free of all ReadyGraph and does it include other fixes since version 9.4?

Thank you,
JF