Alwin

Conclusion:

The contactform is only being send with the correct password in the Post SMTP settings (with or without the code in wp-config).

So with the correct password in the Post SMTP settings I quess the code in wp-config is useless then?

Oke… now I have the correct password in wp-config and a fake password in Post SMTP settings and the problem is back:

You getting this message because an error detected while delivered your email.
For the domain: https://www.fotograaf-groningen.nl
The log to paste when you open a support issue:
5.7.0 Invalid login or password

It seems to be working now ??

But what about this question:

when I add the code to my wp-config file do I still have to enter the correct password in the Post SMTP settings as well? Or can I just fill in a fake password in the Post sMTP settings?

I am not using Gmail or 2FA.

I use the SMTP server of the webhost who is hosting the site.

I am sure the username and password in wp-config are correct, because when I use this password and username in the Post SMTP settings, then the contactform is sent.

So, when I add the code to my wp-config file do I still have to enter the correct password in the Post SMTP settings as well? Or can I just fill in a fake password in the Post sMTP settings?

So I tried it again… with the wp-config file like in my previous post

When I send the contactform I get this message from Post SMTP:

You getting this message because an error detected while delivered your email.
For the domain: https://www.fotograaf-groningen.nl
The log to paste when you open a support issue:
5.7.0 Invalid login or password

I just copied and paste your own code….

this is the code from your previous reply (and the one I use)

define( ‘POST_SMTP_AUTH_USERNAME’, ‘[email protected]’);
define( ‘POST_SMTP_AUTH_PASSWORD’, ‘MY_GMAIL_PASS’);

something is not going comnpletely well in this conversation… no problem, I am glad with your help ??

These are the last lines of my wo-config file like it is now:

define( ‘WP_DEBUG’, false );
define( ‘DISALLOW_FILE_EDIT’, true );
define(‘WP_MEMORY_LIMIT’, ‘512M’);

/* That’s all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( ‘ABSPATH’ ) ) {
define( ‘ABSPATH’, dirname( __FILE__ ) . ‘/’ );
}

/** Sets up WordPress vars and included files. */
require_once( ABSPATH . ‘wp-settings.php’ );

define( ‘POST_SMTP_AUTH_USERNAME’, ‘myusername’);
define( ‘POST_SMTP_AUTH_PASSWORD’, ‘mypassword’);

So what am I doning wrong?

Yes, I did use this:

define( ‘POST_SMTP_AUTH_USERNAME’, ‘[email protected]’);
define( ‘POST_SMTP_AUTH_PASSWORD’, ‘MY_GMAIL_PASS’);

But then I am not able to login at my website anymore!

I placed the code at the bottom of the wp-config file, and after that I get a blank page (http error 500) when I go the the wp-adim of wp-login.php pages.

So your code is causing problems.

Can you help me with this please?

I have added the 2 lines of code in my wp-config file and now I am not able to login at my website:

at the page mydomain.com//wp-login.php I get a blank page (http error 500)

Thank you for your help!

One last question about this:

I want to keep using the SMTP server from my webhost. Would it not be a good idea when I setup a specific domain name with an email address that I only use for the SMTP authentication settings in Post SMTP?

This specific domain name/email address is then only used for this and nothing else. The domain has no website, just the email address, which is only used for the SMTP authentication settings in Post SMTP on all my websites.

This way, when one of my websites would get hacked and the hacker would get access to the username/password of this email address it is no problem for me, because I can easily delete the email address and set up a new one (with antoher domain) for this purpose.

At this moment I am using email addressess with the same domain has the websites main domain. When it would get hacked then the hacker could get access to the mailbox and sent out a lot of spam which will hurt the domain name reputation a lot of course.

So do you think using a specific email address for the SMTP authentication would indeed increase my security?

Thank you ??

Thank you for the link yehudah! One more question:

How exactly does storing the username/password in wp-config increase the security?

I am the only user who is logging in at the wp admin from my websites. However, when my website would get hacked then the hacker also has access to my wp-config file and then also to the username/password stored in there?

So is storing username/password in wp-config only helpfull when I would have more wordpress users logging in at the admin?

Still the same problem, servertime is 2 hours wrong. Wordfence 2FA is not working, and I am afraid will never work for me….

Server Time: 2019-08-08 10:39:22 UTC (2019-08-08 12:39:22 Europe/Amsterdam)

Back to DUO 2FA

Still waiting for a solution. Still 2 hours differnce and 2FA not working…

Wordfence>Login Security is showing this server time right now:
Server Time: 2019-05-17 17:52:39

But the correct time is now 19:53:39 !!

So 2FA is still not working for me! I have checked with my hosting company and run some tests myself to check if the server time is correct, and it is.

Also, I have the same problems on other webistes that are hosted by 2 different webhosters.

I have updated to version 7.3.2 but the server time displayed by WordFence is still 2 hours behind…

• This reply was modified 5 years, 10 months ago by Alwin.