Thought Nozzle

Thanks for that, Paul.

I can lightly hack the code, but I try to avoid it when possible to make sure changes don’t get clobbered in updates.

FWIW, I’ve also put a but in Zapier’s ear about adding Mastodon connection, but it’s apparently something that would be in Mastodon’s court.

Lots of fiddling involved in these migrations.

Thanks again!

Thanks for the quick response!

But… I’ve moved on to another solution, at least for now: the WPZoom plugin.

That one still has a deficiency, though; Mastodon requires a rel=”me” tag in a link to your profile from the site in order to verify your account.

So if you were able to add customized rel tags as well as Mastodon, I’d swing back over to you. ??

Thanks again!

Your unwillingness to “support under 5.6 PHP versions” crashed one of my clients’ sites. As others have noted, there are a substantial number of hosting environments that still use versions <5.6. It’s apparent that you are not willing to do a microscopic bit of work to patch the code to provide continuing compatibility. So I’ll be looking for another developer and another plugin. Good luck in your future endeavors.

Looks like my support people found the issue. noc1.wordfence.com is on a blocklist, supposedly for malicious traffic. They tell me they have notified both the blocklist managers and your company.

They removed the IP address from their graylist tables, so that issue is gone.

WordFence is still choking on two sites on that server with large file counts, but that’s a separate issue.

Thanks.

And here’s a redacted dump of a log, with diagnostics on. I have also tried setting the per-stage max execution time to 30, with no luck.
– – – –

[Jun 16 23:56:45] Ajax request received to start scan.
[Jun 16 23:56:45] Entering start scan routine
[Jun 16 23:56:45] Got value from wf config maxExecutionTime:
[Jun 16 23:56:45] Got max_execution_time value from ini: 0
[Jun 16 23:56:45] getMaxExecutionTime() returning default of: 15
[Jun 16 23:56:45] Test result of scan start URL fetch: array ( 'headers' => Requests_Utility_CaseInsensitiveDictionary::__set_state(array( 'data' => array ( 'content-type' => 'text/html; charset=UTF-8', 'x-robots-tag' => 'noindex', 'x-content-type-options' => 'nosniff', 'expires' => 'Wed, 11 Jan 1984 05:00:00 GMT', 'cache-control' => 'no-cache, must-revalidate, max-age=0', 'x-frame-options' => 'SAMEORIGIN', 'content-length' => '32', 'content-encoding' => 'gzip', 'vary' => 'Accept-Encoding', 'date' => 'Fri, 16 Jun 2017 23:56:45 GMT', 'accept-ranges' => 'bytes', 'server' => 'LiteSpeed', ), )), 'body' => 'WFSCANTESTOK', 'response' => array ( 'code' => 200, 'message' => 'OK', ), 'cookies' => array ( ), 'filename' => NULL, 'http_response' => WP_HTTP_Requests_Response::__set_state(array( 'response' => Requests_Response::__set_state(array( 'body' => 'WFSCANTESTOK',
[Jun 16 23:56:45] Starting cron with normal ajax at URL https://[REDACTED].com/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&cronKey=[REDACTED]
[Jun 16 23:56:45] Scan engine received request.
[Jun 16 23:56:45] Checking cronkey
[Jun 16 23:56:45] Fetching stored cronkey for comparison.
[Jun 16 23:56:45] Exploding stored cronkey
[Jun 16 23:56:45] Checking saved cronkey against cronkey param
[Jun 16 23:56:45] Becoming admin for scan
[Jun 16 23:56:45] Scan will run as admin user '[REDACTED]' with ID '[REDACTED]' sourced from: singlesite get_users() function
[Jun 16 23:56:45] Scan authentication complete.
[Jun 16 23:56:45] Done become admin
[Jun 16 23:56:45] Checking if scan is already running
[Jun 16 23:56:45] Requesting max memory
[Jun 16 23:56:45] Setting up error handling environment
[Jun 16 23:56:45] Setting up scanRunning and starting scan
[Jun 16 23:56:45] Got value from wf config maxExecutionTime:
[Jun 16 23:56:45] Got max_execution_time value from ini: 0
[Jun 16 23:56:45] getMaxExecutionTime() returning default of: 15
[Jun 16 23:56:51] Contacting Wordfence to initiate scan
[Jun 16 23:56:51] Calling Wordfence API v2.23:https://noc1.wordfence.com/v2.23/?v=4.8&s=[REDACTED]&openssl=[REDACTED]&phpv=5.6.23&betaFeed=0&cacheType=disabled&action=log_scan
[Jun 16 23:56:58] Scan process ended after forking.
[Jun 16 23:57:01] Calling Wordfence API v2.23:https://noc1.wordfence.com/v2.23/?v=4.8&s=[REDACTED]&openssl=[REDACTED]&phpv=5.6.23&betaFeed=0&cacheType=disabled&action=record_scan_metrics
[Jun 16 23:57:11] Scan terminated with error: There was an error connecting to the the Wordfence scanning servers: cURL error 28: Connection timed out after 10001 milliseconds

• This reply was modified 7 years, 9 months ago by Thought Nozzle.

Start all scans remotely – Disabled
Enable SSL Verification – Enabled

I disabled SSL Verification and tried a new scan. It failed with the same error, and the diagnostics are identical.

There is no functional problem with the plugin, so there’s no reason to uninstall. The only issue is that they changed the name of the author and contact URLs in a file, but they didn’t create a new version of the plugin to do that, and register the changed version with the plugin repository. This means that WordFence saw the difference and alerted its users. So, all you have to do is ignore this change. In WordFence, you can mark the security issue with “Ignore until the file changes” or even “I have fixed this issue” so that the alert goes away.

• This reply was modified 7 years, 9 months ago by Thought Nozzle.

The question of ownership is answered – but the transition shouldn’t have involved a lapse in updating the repository. Could have been handled more smoothly.

Looks something like you forgot to register the file modification with the WP plugin repository, Callum. Please remember to do that when updating files to save your users the time of having to security-check the modified file. Thanks.

Okay, I missed it. I have the “WP Maintenance Mode” plugin installed — wpmm. So that’s the likely cuplrit. The author is Designmodo, who should know better. Uninstalling and sending them a nastygram or two.

@velvetlounger – Can you confirm that you have WP Maintenance Mode installed?

Same thing here. This is a really stupid thing for a developer to do. They should have at least mentioned in the announcement who/which plugin was responsible.

The forwarding link in the spam contains:

//SPAMMEDDOMAIN/?utm_source=wpmm&utm_medium=wpmmlinks&utm_campaign=wpmm

Can’t find a plugin related to “wpmm”.

I’m going to do some cross-checking against other sites I admin and see if I can determine which. I’ll report back.

Thanks!

Thanks, Samuel.

Seeing the same thing here. Updated WP to 4.0 then tried to update the translations and got this error message. All other auto-updates and one-click updates are working fine — including themes — so I don’t think it’s a permissions issue… the error code looks like an issue with the translations zip files.

Thanks. I think I’ll be going with one of the other Stripe plugins that are available. Seems like a couple — including Stripe for Gravity Forms — are pretty full-featured, and would allow all of the features I need.