kemeng

Hi @hristo-sg,

It would be fantastic to have an -always- updated note from you about “advised/optimal” Cloudflare settings for Siteground hosting.

Beacuse for us (end-users) is not “funky” if you point to each others (Cloudflare<->Siteground) for some overlapping things (ie. mine should be used), or/and we (end-users) should/have to find out from comments in different hidden topics (like this) what would be the ideal settings for SG sites at CF.

Preferably, it could be a simple list with a short explanation of (all) the functions of Siteground/Cloudflare what should/should not be on/off or could be on/off at one of you (ie end-user should test both possibility and choose only one of it). Might this sentence sounds difficult although it can lead a note like this example:

CF Railgun – SG Not supported anymore – turn it off at CF
Cloudflare’s “Argo Tiered Cache – SG not recommend to use – May causes conflicts
CF Minify – SG Optimizer Minify fuction can reach 20% better result over CF in our tests – Test and use only ONE, do not overlap

etc

cheers

• This reply was modified 2 years, 10 months ago by kemeng.

Hi Niklas and happy holidays!

Is this still connected to the same issue happened in previous version?

Token exprired msg is correct, although I haven’t had error like this at that time:

ERROR: Uploaded file size and local file size don’t match.

Cheers

[27-Dec-2021 23:08:39] Archive size is 1.15 GB.
[27-Dec-2021 23:08:39] 24456 Files with 1.30 GB in Archive.
[27-Dec-2021 23:08:40] 1. Try to send backup file to Dropbox …
[27-Dec-2021 23:08:41] Token has expired; new token has been obtained
[27-Dec-2021 23:08:41] Authenticated with Dropbox of user: Darth Wader
[27-Dec-2021 23:08:41] Uploading to Dropbox …
[27-Dec-2021 23:08:41] Beginning new file upload session
[27-Dec-2021 23:10:39] Token has expired; new token has been obtained
[27-Dec-2021 23:12:38] Token has expired; new token has been obtained
[27-Dec-2021 23:14:37] WARNING: Signal "SIGTERM" (Termination signal) is sent to script!
[27-Dec-2021 23:14:39] Token has expired; new token has been obtained
[27-Dec-2021 23:16:39] Token has expired; new token has been obtained
[27-Dec-2021 23:18:39] Token has expired; new token has been obtained
[27-Dec-2021 23:19:37] /home/customer/www/darthwader.com/public_html/wp-content/plugins/backwpup/src/Http/Client/WpHttpClient.php: Dropbox API: cURL error 28: Operation timed out after 5000 milliseconds with 0 bytes received
[27-Dec-2021 23:19:38] 2. Try to send backup file to Dropbox …
[27-Dec-2021 23:19:38] Token has expired; new token has been obtained
[27-Dec-2021 23:19:39] Authenticated with Dropbox of user: Darth Wader
[27-Dec-2021 23:19:39] Uploading to Dropbox …
[27-Dec-2021 23:21:38] Token has expired; new token has been obtained
[27-Dec-2021 23:23:38] Token has expired; new token has been obtained
[27-Dec-2021 23:25:08] Finishing upload session with a total of 1 GB uploaded
[27-Dec-2021 23:25:09] ERROR: Uploaded file size and local file size don't match.
[27-Dec-2021 23:25:10] 3. Try to send backup file to Dropbox …
[27-Dec-2021 23:25:11] Token has expired; new token has been obtained
[27-Dec-2021 23:25:11] Authenticated with Dropbox of user: Darth Wader
[27-Dec-2021 23:25:11] Uploading to Dropbox …
[27-Dec-2021 23:25:12] One old log deleted
[27-Dec-2021 23:25:12] ERROR: Job has ended with errors in 1852 seconds. You must resolve the errors for correct execution.

– Despite error msg the file is in Dropbox with size 1.15GB. Did not check integrity is correct or not (ie download and uncompress)

• This reply was modified 2 years, 11 months ago by kemeng.
• This reply was modified 2 years, 11 months ago by kemeng.

Just two things more:

– I got the point, dont overlap. Hope you getting mine as a “normal/nooby wp user” too

– Webcraftic Hide Login Page has good option: it generates a secure url to reset the custom login address to the default (for case).

Hi there,

Thanks for your responding!

Would bring to your attention:

# SGS HSTS Header Service
Header set Strict-Transport-Security “max-age=10886400; preload”
# SGS HSTS Header Service END

# SGS XSS Header Service
<IfModule mod_headers.c>
# SGS XSS
Header always set X-Content-Type-Options “nosniff”
Header set X-XSS-Protection “1; mode=block”
# SGS XSS END
</IfModule>
# SGS XSS Header Service END

Made by SG Security in .htaccess (which I believe belongings for super secure https, plus xss protection option)

Then you get error in Site Tools:
2021-12-10 22:27:17 UTC [apache][core:alert] [pid 10488] [client 112.198.97.4:46356] /home/u703-xxxxxx/www/domain.com/public_html/.htaccess: Invalid command ‘SGS’, perhaps misspelled or defined by a module not included in the server configuration, referer:?https://www.domain.com/wp-admin/

I dont have idea how the “SGS invaild command” refers to “wp-admin”. As I said I am not expert at all.

Many people have plugin for hiding login page and if you add SG Security (for a try and you dont know all its features – very possible) you can lock out urself from admin login (through given address)

That is not good.

• This reply was modified 2 years, 11 months ago by kemeng.
• This reply was modified 2 years, 11 months ago by kemeng.
• This reply was modified 2 years, 11 months ago by kemeng.

Hi there,

I responded here

cheers!

Hi there,

Got free version of WP Mail and has only the password set in wp-config, in my memory.

You meant I shoud (re)configure in wp-config everything (not only password) instead of using the Plugin’s settings in WP admin?

Will check in a few days the exact lines added, im right now on a short mototrip.

Cheers,
Gabor

Hi there,

I got same problem started sometime ago (this year Sept/Oct).

Find details below:

WP:5.8.2
PHP:7.4.26
WP Mail:3.2.1
Email: Other SMTP – gmail with App Password (gmail handles our domain for outgoing emails)- Settings: smtp.gmail.com, TLS, Auth ON

– Test emails are working fine, even I recreated a new password
– It is not all the time fails to send, but mostly. (WP Core succeed, WFence yes/no, WPBackup Fails)
– Did not reinstall yet the WP Mail

Error Event:
Content
Mailer: Other SMTP SMTP Error: Could not authenticate.
Source
Wordfence Security
/home/customer/www/ourdomain.com/public_html/wp-content/plugins/wordfence/lib/wordfenceClass.php (line: 7161)

wfConfig::set('lastEmailHash', time() . ':' . $hash);
		foreach ($emails as $email) {
			$uniqueContent = $content . "\n\n" . sprintf(/* translators: WordPress admin panel URL. */ __('No longer an administrator for this site? Click here to stop receiving security alerts: %s', 'wordfence'), wfUtils::getSiteBaseURL() . '?_wfsf=removeAlertEmail&jwt=' . wfUtils::generateJWT(array('email' => $email)));
			wp_mail($email, $subject, $uniqueContent);

7161 line is the last

Other Error Event:

Content
Mailer: Other SMTP SMTP Error: Could not authenticate.
Source
BackWPup
/home/customer/www/ourdomain.com/public_html/wp-content/plugins/backwpup/inc/class-job.php (line: 1152)

if ( $bracket_pos === false || $at_pos === false ) {
						$this->job['mailaddresssenderlog'] = str_replace( array(
								'<',
								'>',
							),
								'',
								$this->job['mailaddresssenderlog'] ) . ' <' . get_bloginfo( 'admin_email' ) . '>';
					}

					$headers[] = 'From: ' . $this->job['mailaddresssenderlog'];
				}
				wp_mail( $this->job['mailaddresslog'], $subject, file_get_contents( $this->logfile ), $headers );

Last line

Debug event when WFence succeed:

Content
An email request was sent.
Source
Wordfence Security
/home/customer/www/ourdomain.com/public_html/wp-content/plugins/wordfence/lib/wfActivityReport.php (line: 508)

if (!wp_mail($email, sprintf(/* translators: 1. Site URL. 2. Localized date. */ __('Wordfence activity for %1$s on %2$s', 'wordfence'), date_i18n(get_option('date_format')), $shortSiteURL), $uniqueContent, 'Content-Type: text/html')) {
				$success = false;