Peter Petreski

Hi,
Currently the behaviour is that the plugin monitors failed login attempts and if it finds that the username which was used is not part of the existing accounts it simply marks it as “unknown” when writing the failed login attempt to the DB. (so in reality the hacker or bot attempting the brute force login is not actually using the name “unknown”)

You make a good suggestion and it is something we have thought about too and we will certainly keep this in mind as we improve/tweak our plugin.

Having said that, if you are wanting to stamp out brute force attacks why don’t you activate the cookie-based brute force prevention feature?
This is the most effective way to combat such security threats.

How many fields do you have in your contact form and what are they?

Also please ensure that your field names conform to the naming convention as specified in the instructions here:
https://wpsolutions-hq.com/plugins/contact-form-7-autoresponder-addon/

To create another user account with a more complex name and admin privileges just go to the wordpress users menu and create another account and then delete the account with the username “abc”.

Hi Henrik,
Yes we can help you – we will be providing a POT file with the next release (which should be out soon).
When you download the next release you will be able to find the POT file in the “languages” folder.

Hi cmhello,
How did you do your translations?
ie, for example did you create a POT file and did you use an application like Poedit for the “po” and “mo” file creation?

FYI – We will create a POT file which will be included with the plugin installation files in a future release very soon.

Hi Chris,
Is it possible to create a dummy password-protected page and send us the link with password so we can check it out?

I have tried numerous tests on FF/Chrome/IE/Opera and I don’t see any issues on my particular setup which is why I am curious to see the problem for myself on your site.

Ok no problems.

I’ve never seen this happen before so it would have been good to know what was causing it on your site.

Another thing you could’ve done instead of manually editing the wp-config.php file is to have restored from your backup copy, ie, the plugin automatically creates one in your root folder when you enable that feature.

I will now set this thread to resolved.
thanks

Hi Thomas,
Can you please post a link to your site’s front-end which is displaying this text so we can take a quick look?

Hi,
Could you please be a bit more specific?

Which “portfolio pages” are you referring to? Are the portfolio pages something which are created from a plugin or your theme?

Which firewall rules do you have active?

Hi,
I just wanted to clarify exactly what you mean –
are you saying that when editing a post or page, you cannot change between the “Visual/Text” tabs when “Bad Query Strings” are enabled?

If possible can you please provide any more info which may help us to reproduce this problem?

…from time to time I got that annoying message when I try to upload content to any post through the media manager: The uploaded file could not be moved to wp-content/archivos/2013/07

Since you say from “time to time” you get errors, so does this mean that on some occasions you don’t get errors when uploading something via media manager? Does this issue occur intermittently?

In order for us to better understand the issues you are having we will need some more info such as:
– Which firewall rules have you got active when you see these errors?

– what are the exact steps to reproduce both problems you refer to in your question?

(For instance I just tried reproducing the first issue – ie, uploading something from a post using the media manager and was not able to see any errors on my server even with every firewall rule activated).

Hi Douglas,
If you cleared your cookies then that would explain why you can’t access the login page because that is how the feature works.

To get back to your login page is easy if you can remember the secret word you chose when you saved your settings. Simply add your secret word string to your site’s URL as follows:
https://example.com/?yoursecretword=1

This should get you back to your login page.

If that doesn’t work (or you can’t remember your secret word),
FTP your .htaccess file to your computer and then delete the code between (and including) the following tags:
#AIOWPS_ENABLE_BRUTE_FORCE_PREVENTION_START
#AIOWPS_ENABLE_BRUTE_FORCE_PREVENTION_END

Then save the file and FTP it back to your host.

Alternatively, you can look for the “.htaccess.backup” file in your site’s root directory using your FTP client and rename this to “.htaccess” after deleting the active version.

Hi,
Thanks for pointing that out – the perishable press version is correct.

This will be fixed in the next version which should be due out soon.

Hi,
We are looking at releasing our next version of the plugin within a week.

Hi,
If you are asking if the “All In One WP Security & Firewall” plugin will work with the “Limit Login Attempts” plugin the answer is yes it should.

Having said that, keep in mind that the “Login Lockdown” feature of AIOWPS plugin probably does a similar thing to the LLA plugin – therefore if you want to run both plugins you should deactivate the “Login Lockdown” feature in the AIOWPS plugin – otherwise you may see unpredictable behaviour with regards to login attempts and lockouts etc.