Robert
Forum Replies Created
-
Forum: Plugins
In reply to: [Custom Login] Custom Login v4.1 Vulnerable ?“Unfortunately that is how WordPress’ plugin update system works.”
Hmmmm… no other plugin on hundreds of sites I manage has that problem. This is not a WordPress problem, this is a severe problem with the plugin itself. I run sites on PHP 8.3 and PHP 7.4. PHP 7.4 is still widely used, so you should reconsider not fixing the issue. I am currently deactivating the plugin across all my sites and will find another until I think yours is secure on both PHP releases.
- This reply was modified 1 year ago by Robert.
What I have done for now is rolled back to the previous version. Edited the file “advanced-nocaptcha-recaptcha.php” and changed the version number to 999.1 so it never updates.
Note, this is a temporary solution until I find a suitable alternative plugin. Security-wise, it’s not an ideal solution, so would not implement it permanently.
Hope this helps someone as a temporary solution.
Forum: Plugins
In reply to: [Invisible reCaptcha for WordPress] Fatal error with PHP 7.4 or newerHas the developer fixed this issue yet? I was hoping to switch to this plugin after another plugin called “Advanced noCaptcha & invisible Captcha” plugin went premium only for contact forms.
Guess what @robertabela. I was absolutely right. you guys just removed the ability to use the plugin for free and now we all have to find another free plugin.
I knew this was coming. my sites all stopped capturing spammers on Contact Form 7. You removed connectivity to 3rd part plugins without notice. Fuming!
Any comments on what you just did, given how you lied previously saying there would be no changes? Everything I said about your takeover was right.
Will be finding a new plugin and recommending to everyone on web design forums to do the same.
Annoyed!
- This reply was modified 3 years, 1 month ago by Robert.
@robertabela
Thanks for your response. You have partially allayed my fears about the direction you’re headed, although I am not yet fully convinced. After some time passes, I will take note of your changelog, if that is available, and wait and edit my review and give you a higher rating in due course. What I do not understand is that why you take over someone else’s plugin and change it rather than building one from scratch. When takeovers usually happen, plugins are usually changed for the worse. As I’ve said, new owners tend to include the unwanted. You sound sincere at this time, so I’ll give you the benefit of the doubt at this time.
Thank you.
Regards
@robertabela
See the following page linked from WordPress admin after the latest update:
https://www.wpwhitesecurity.com/advanced-nocaptcha-recaptcha-joins-wp-white-security/
On that page, it states:
“Furthermore, we will be looking for ways to improve the functionality and usability of the plugin to bring it in line with our existing portfolio of plugins and adding new features.”
It seems that you are now aware that your own dev team intends to add new features and your reply to my post indicates that you are oblivious to the planned updates and additions to the functionality?
I have made my point because after seeing WP White Security complicate other plugins by adding unneeded functionality and trying to tie this plugin to your existing suite of plugins will complicate the functionality of a simple plugin and present possible security holes.
That is all I have to say. I have presented facts from your own website that back up my feelings about the direction this plugin will take. I appreciate your attempts to explain and placate my concerns, but nevertheless, your website outlines plans to expand the functionality, so I have not yet changed my views. Takeovers never work, in my opinion. Things inevitably change for the worse.
Regards
OK, I have finally worked out why the invoices were not being sent on this site, but were on other sites.
In WooCommerce > Settings > Emails > Email sender options
“From” address was previously set to my own personal email address. I changed this to [email protected] where ‘domain.com’ is the sites domain. After that, the emails started to be sent OK.
For anyone else who has this problem, I hope this helps.
I’m marking this ticket as ‘resolved’.
kind regards
In addition to what I’ve already said…
I tried to uninstall and reinstall the plugin, however, the plugin remembered all the settings from before. This showed me that when it uninstalled it did not delete any of its data from the WordPress database. This is not desirable at all. The problem persists.
I would be grateful for any help, please?
Regards
Thanks, but Nope! I’m not convinced that your plugin needs to view my email or other personal information. An API provides a method of communication between the site and Google Analytics that doesn’t need all that. Unless you provide a version that allows me to untick that info, I’m switching to another plugin. Your answer doesn’t explain the need to gain access to personal info. There are data protection issues here, you clearly do not understand.
Hi Ewout
Thank you kindly for your quick response. Just the solution I was after. ??
Many thanks!
Thanks Matt ??
Hi @matt Cromwell
Sorry to necro this thread. I’m getting the same error. @hgiexchangehotel mentions that he has SSL (like myself) but still got the error. His solution was to turn off the ‘Encrypted Website Payments’ setting in PayPal. The particular PayPal account I use takes payments from more than one site, so I don’t particularly want to change this setting in PayPal unless I absolutely have to.
Can you kindly clarify why turning this setting off is needed if the site already is encrypted? Surely this means it’s the way you coded the button? Can you expand on why it is going wrong, please? Is there another way to solve the problem without turning off ‘Encrypted Website Payments’ setting in PayPal?
Note: I use the Chrome browser to test. My site uses a certificate issued by Comodo ECC Domain Validation Secure Server, SSL v3 with SHA256.
Regards
Forum: Plugins
In reply to: [GiveWP - Donation Plugin and Fundraising Platform] GDPR Opt-in check boxesHi Matt
Thanks for taking the time to respond. I’ll make do with the Terms checkbox as advised. I’ve just finished writing specific terms for the client.
many thanks!
Forum: Plugins
In reply to: [GiveWP - Donation Plugin and Fundraising Platform] GDPR Opt-in check boxesPlease also read this page:-
https://www.civilsociety.co.uk/news/free-guide-to-gdpr-and-data-protection-for-charities-published-today.html
All donation pages in the EU should really have opt-in checkboxes or radio buttons to ensure users give consent to be contacted. It would be great if this feature was included in the plugin settings, please?
Forum: Plugins
In reply to: [W3 Total Cache] W3 Total Cache Update, Cloudflare limitation problemThanks @yews-grigory
This would be fine for just one or two sites, but I have to do this for over 100 sites, or just not update the rest until a fix.
What we need is for the plugin author to recognise and acknowledge this issue and update the plugin accordingly. Taking a look at other people’s support posts since the plugin update shows quite a lot has gone wrong apparently.
- This reply was modified 8 years, 5 months ago by Robert.