wothers

Although the recaptcha badge isn’t showing, I did get results for the one day I had it on v3. (Nothing for v2 over the weekend, though.) I’ve reverted back to v3 and will monitor the results on Google vs actual mail received. If it works, I’ll leave it at that, if not I’ll try Divi’s native form.

This is useless. This tells me how to reply to someone OTHER than the address the mail was sent from. I can’t reply to the address it was sent from to start with. My reply goes to the admin email. My address is the admin email. Why would I want to write to myself trying to reply to someone else’s query?

I downloaded WP Forms who reply to the sender by default. Can’t believe I had to go through 3 plugins to find a form that does that.

The file is generated dynamically when requested. It doesn’t actually exist.

Same problem.

This from tongtastic in a similar post resolved my problem:

The solution is to add this line

add_action( 'pre_post_update', array( $this, 'save_postdata' ) );

in wordpress-seo/admin/class-metabox.php:

after line 35

fixes it

Thanks tongtastic, that did the trick for me. Glad I don’t need to look for another SEO option.

Same issue here. Not the first site I’ve used this plugin with, but first time I’ve come across this problem. Thought the fact that I’m developing on localhost might have something to do with it.

I would just like to point out that blocking those IP’s permanently is not an ideal solution, as most of them are fake. The hacker is using a fake IP to try to access your site and switches IP as soon as there is a lockout.
Blacklisting that IP is actually blacklisting some innocent who doesn’t even know about your site or may want/need to visit it at some future point.

That seems to have done the trick, no new lockouts since .htaccess was updated.
Thank you @wpsolutions for your help and a great product.

Everything looks to be in order now.
xmlrpc.php now outputs a 403 Forbidden.
I’ll just wait until tomorrow morning to ensure I can mark this resolved.
Thank you for all your help.

I’ve checked and double checked that pingback protection is enabled.
The rule in my .htaccess is:

#AIOWPS_PINGBACK_HTACCESS_RULES_START
<IfModule mod_alias.c>
RedirectMatch 403 /(.*)/xmlrpc\.php$
</IfModule>
#AIOWPS_PINGBACK_HTACCESS_RULES_END

I tried that as I saw there were 161 visits to that address.
The output is XML-RPC server accepts POST requests only.

28 more lockouts on my site overnight.

Was starting to think it had stopped, but another lockout at 16:34.
I’ll see what it looks like tomorrow again.

That being said, it has been over 2.5 hours since the last lockout.