Mr-Manor

Great! Thanks for fixing ??

ok, so the difference in our results @toxicum seem to be if local versus cdn download is selected for Tracker. If I change to local download I get the expected message and the above text regarding Prospect One is changed to “Blacklight detected a script loaded from busene.dk doing this on this site”

Digging into the jsdelivr website I found the Privacy Policy – cdn.jsdelivr.net: Prospect One (“us”, “we”, or “our”) operates the cdn.jsdelivr.net website (the “Service”).

Yes I agree that some kind of tracking is expected, but I am curious on how Prospect One got into the equation. As far as remember I have not installed any wp-slimstat commercial plugins. But we do have used slimstat for many years. So I cat say for sure if wp-slimstat has always been one single download (did I have to add som geo related stuff at some time?)

I wrote to the author of Blacklight and he readily replied:

The tool has a (slightly hidden) download feature for the inspection archive, I looked through it for your website, the script doing the fingerprinting is https://cdn.jsdelivr.net/wp/wp-slimstat/tags/4.8.8.1/wp-slimstat.min.js. I have attached the inspection report to this email which you can further inspect. And if you are interested in learning more about what we are testing for we define it in our methodology. You can see the raw inspection result at the following path after extracting the zip – raw/inspection.json. For more information about the inspection results archive you can look here

zip file here if anyone is interrested

There is no mention of prospect anywhere in the raw data from my site nor if I do a raw grep -iR Prospect * on the www folders on my webserver. So at this time I suspect that slimstats tracking have been incorrectly associated with Prospect One – although that does not fit if you do not have the same text when scanning your site.

I am still puzzled

Thanks – now it works ??

Hi, I just been noticed by one of my users – that he gets blocked when he tries to publish.
I have verified that my fail2ban is newest free version and I have placed fresh copies of wordpress-extra.conf wordpress-hard.conf and wordpress-soft.conf in /etc/fail2ban/filter.d/ (date 2 oct). Lastly I have reloaded fail2ban.

Still my user gets banned. Did I forget something?

ebbe has role “Editor” and uses Chrome on a Windows10
In log I see:

2019-11-26T18:46:42+01:00 apasrv wp(vand.ugerloese.dk)[26135]: Accepted password for ebbe from 5.103.202.NNN
2019-11-26T18:47:38+01:00 apasrv wp(vand.ugerloese.dk)[25309]: Blocked user enumeration attempt from 5.103.202.NNN

At the time I got your answer I had removed the plugin for my sites. A couple of days ago I gave it another chance, and installed it again. Today I see it has magically updated the pictures on my site without me interweaving ?? Yeea!
So I am not sure whether it was reinstall or changing the autoupdate interval which made the difference. Anyway I am a happy man now.

I am sorry to hear. Facing this problem on top of GDPR I think I’ll just remove the subscribe possibility.
Thanks for letting me known anyway.

I have the same problem as @elinek: I initially removed the plugin to get my sites up. I can move it back to the plugin directory – but as soon as I activate it: Site is down. There is no db file to delete, only the to 2 before mentioned files.
This is a multisite install running behind a nginx proxy.

Works for me ??

2016-08-11T13:50:25+02:00 sites wp(nordiskparallelspr)[21912]: Authentication attempt for unknown user admin from 213.83.153.118

Blok name is nordiskparallelsprogsnet.sites.ku.dk and my settings are now:

define('WP_FAIL2BAN_SYSLOG_SHORT_TAG',true);
define('WP_FAIL2BAN_TRUNCATE_HOST',18);

Thanks.

Thanks. You are right of course, on the other hand, is the blog name of any significant importance?
For me an attacker is a attacker, and I dont really care if he targets blog a og b. I guess some people might have some forensic interest in which blok is attacked. But the most important issue is still to not break detection.
I would guess that my case is not very common. So I would say that truncation and a note on the limitation in the setup instructions would be sufficient.
Just my opinion ??

Yes, by changing the symbol I can execute the create statement. It also seem to cure the problem as I can now visit (and leave by link to external resource) the blog in question without error messages. I am a bit puzzled though as no data is entered in the mentioned table.

I must admit though that I have not much idea on what am I actually doing. Mysql constraints is above my current sql knowledge level.

Should I make a similar CREATE statement for all active subsites on our system?

Regards
Klaus

If have seen (and ignored for quite a while) this on 3 different multisite installations, one not even maintain be me. I do think that some circumstances/installations may lead to this error.

I have tried to create one missing table like this:

CREATE TABLE IF NOT EXISTS sc_629_slim_events (
event_id int(10) NOT NULL AUTO_INCREMENT,
type tinyint(3) unsigned DEFAULT ‘0’,
event_description varchar(64) DEFAULT NULL,
notes varchar(256) DEFAULT NULL,
position varchar(32) DEFAULT NULL,
id int(10) unsigned NOT NULL DEFAULT ‘0’,
dt int(10) unsigned DEFAULT ‘0’,
PRIMARY KEY (event_id),
KEY idx_sc_629_slim_events (dt),
KEY fk_sc_629_id (id),
CONSTRAINT fk_sc_629_id FOREIGN KEY (id) REFERENCES sc_629_slim_stats (id) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;n

But mysql responds with:

160519 13:30:55 Error in foreign key constraint creation for table fak-sites.sc_629_slim_events.
A foreign key constraint of name fak-sites.fk_sc_629_id
already exists.

Please advise how to proceed.

You where absolutely right. There was several strings in the Danish translation needing a new text. I made a updated complete version of the Danish translation, please let my know where you want me til submit it or feel free to fetch it from

https://vink-slott.dk/ioNgool9/subscribe2-da_DK.mo
https://vink-slott.dk/ioNgool9/subscribe2-da_DK.po

Hi Devon

The plugin i am currently testing is Subscribe2, it has a fairly complete Danish translation aswell. This is also a key point as it save me some time in translating it my self.

Regarding how it manages MU domain mapping, i am not sure that it does at all. They may just be lucky that functionality does not break. I base that assumption on the fact that links in the notification mail points back to the original site. WordPress handles that well and just redirects to the correct (mapped)domain, but alert users may notice the wrong link.

Regards
Klaus

Thanks – I’ll try to find time to update the translation.