markwordpress1

We did that already, you have not resolved anything yet.

We spoke to a Poonam Namdev

• This reply was modified 1 year, 1 month ago by markwordpress1.

So to sum up, buy a subscription, hosted account fills up with cached images from the feed (more than 60GB when discovered) with no way to control the size and must be manually deleted or the end user has to write their own scripts to delete them.

Buyer beware….Got it.

Thank you for the reply. I was/am using an expired premium version and only the following plugins are installed:

The Aggregator

Categories

Key Word Filtering

Templates

I don’t see anyway to control the cache other then dropping in a delete script and running it with a Cron job.

So a forced update that breaks sites.

Exactly why we don’t upgrade production sites and always,always,always test updates in staging first.

Guess we’ll have to turn to our Firewall to stop this nonsense…

So you are claiming that WordPress forcibly updated YOUR plugin?

You’re not reading my replies Mykyta, as I said already we deployed those lines in wp-config long ago and your plugin STILL updated.

That’s not ok, how do we disable updates for YOUR plugin? All the others appear to obey the wp-config parameters.

• This reply was modified 1 year, 8 months ago by markwordpress1.

You didn’t answer my question, I want to permanently disable updates, we don’t update production sites until updates are tested in staging.

How do I permanently disable updates?

I’m sure it’s me and I am just slow.

Thanks for your kind input.

The All Caps line was taken direct from the link you posted, might want to change that instruction if the caps is an issue. I also thought it was the ‘define’ that was the issue?

Really disappointed with this, WordPress or any of the plugin vendors are not authorized to access our servers and perform updates without us initiating the updates. We’ll make sure they can’t do this in the future. We get paid to make sure our client’s sites stay online and don’t break, to have a 3rd party come in and break them is just not acceptable.

It also begs the question, if you have the ability to force updates to anything for all sites what kind of security implications does that create? Could a disgruntled employee wreak havoc? Could a compromise access your methodology and gain access to vast amounts of sites?

• This reply was modified 3 years, 8 months ago by markwordpress1.
• This reply was modified 3 years, 8 months ago by markwordpress1.

Samuel,

Thank you for the reply.

This is what I already have in ALL my configs;

/** Disable WordPress automatic updates */
define( ‘automatic_updater_disabled’, true );
define( ‘WP_AUTO_UPDATE_CORE’, false );

The updates occurred anyway and as far as I can tell they should not have. Any other thoughts on how to prevent this?

Thats the plugin we tested, must be a conflict with something else we are using as it did not work for us.

I had the exact same issue, couldnt change the email address because the password was wrong, it’s the same password I used to login to see the option to change my email address.

I didn’t realize that the site email address was pulled by the plugin and then used to create an external account either. I wasn’t warned about that during the install.

In light of these issues I unistalled CleanTalk. I’d like that profile and account deleted off the CleanTalk site but I won’t hold my breath….

Adding another plugin might work but then we would have yet another place to manage all the updates for our sites. That would be a last resort.

We’ll try disabling the auto_update_core and see if that works. All our sites are 5.5 and it looks like 5.5.1 is rolling out right now ignoring the disabled auto_updater setting.

Thanks for the tip on core!