Thanks Eli.
I’ll proceed following your advice. I’m going to remove the clone, as I think we’ve arrrived to the root cause of the issue.
Thanks again for your support,
Miquel
Thanks for your support.
I’ve checked the directories and found what you’ve explained above about the permissions.
From your comments the plugin requires read permissions for “other users”, in the sessions folder, doesn’t it?
I can not change permissions for this directory but, if you confirm this is what the plugin requires, I can ask the hosting support to change the permissions.
Thanks,
Miquel
Hello again,
Did you have the chance to check it yet?
If you think you’re not going to do it in the near futre, let me know, as I would remove the sever clone. It’s been created just for this test and it’s costing some money.
Regarding my question above: “Can brute forze protection be enabled for other login pages?” If the answer is not, as I think it is, then I’d probaly just block the access to wp-login.php, as the normal user flow is registering on other forms in the website.
I’d then use the plugin for virus scannning and forget about brute force.
Thanks,
Miquel
Hello,
Somedays ago, I sent by email the credentials to go into the site.
Did you receive it and manage to check the issue yet?
One more question. Can the brute forze protection be enabled on other login pages, apart from the default wp-login.php?
I mean, my site has another login page (deployed by the Woocommerce plugin). Is there a way to configure GOTMLS to protect this other page too?
Thanks.
I’ve changed the htacces a per your indications, and the same php message was printed. ?undefined constant’ (screenshot attached).
https://drive.google.com/file/d/0B8ZDp_ulQ7nyaWFFZjBTMkIteVk/view?usp=sharing
Again I’ve done a furtehr test. Now I’ve copied your script followed by an ‘exit;’ instruction above line 94 of the index.php file, where I’ve seen you’re checking the content of this constant. This time it printed:
/sp/wp-content/plugins/gotmls/images/gotmls.js&mt=1474278354.9215
screenshot:
https://drive.google.com/file/d/0B8ZDp_ulQ7nyeXhRNDI5aFRXVVE/view?usp=sharing
Hope it helps. Thanks.
I tried this script, but it seems the constant GOTMLS_script_URI is not defined.
The script is printing it as a string. See screenshot with PHP error messages:
https://drive.google.com/open?id=0B8ZDp_ulQ7nyS1h4NG96VmphSUk
I’ve taken the initiative to do a further test, by pasting the small script at the end of the index.php file . I’m assuming the constant is defined in this file. When calling the modified index.php file, a small square was printed at the top left side where before it used to print a small GOTMLS logo.
I’ve reverted the change. Still the small square is printed. Below a link to the screenshot with the square, just in case it has any importance…
https://drive.google.com/open?id=0B8ZDp_ulQ7nyTE9QWHhMWndXbzg
Thanks
Seems to work OK:
REQUEST_URI= /sp/wp-content/plugins/gotmls/images/test.php
Screenshot attached:
https://drive.google.com/open?id=0B8ZDp_ulQ7nyUFVEa0FyU2NDTWc
For your information, in case it could be related with this issue, I had to change the directory permissions and ownership, to be able of uploading (ftp) the test.php file.
Does it make sense to uninstall and reinstall the plugin??
Thanks,
The borwser console is printing this error:
Refused to execute script from ‘https://keyelp.com/xxxxxxx/wp-content/plugins/gotmls/images/gotmls.js?SESSION=0′ because its MIME type (‘image/gif’) is not executable.
I’ve checked the folder and there is no gotmls.js located in this directory .
I hope this info can help.
Thanks
The main server is running Apache. There’s asecondary nginx server for static files.
In case it can help understanding the scenario, below a link with a screenshot of the active services running in the cloud server.
https://drive.google.com/file/d/0B8ZDp_ulQ7nyTjkycFBuYkJRQnM/view?usp=sharing
Thanks.
Hello,
I’v migrated my site to another hosting provider (cloud hosting). Since then I can not activate the brute force protection functionality. In the previous hosting (shared one), the plugin funtionality was working good.
Now the plugin does a compatibility test and then it ends with the “No response from server” error message.
Having read your foro, It seems the issue could be related to the rewrite rules.
Some background in case it can help:
- WordPress is installed in a subfolder “public_html/subfolder/”, where the wp-config.php is located.
- There are .htaccess files in both the subfolder and in the root public_html.
Thanks for your work in the plugin and your support,
Miquel
Miquel Conesa.
