Home Forums WordPress Plugins Hide My WP Activating the plugin properly

This topic is: not resolved
Viewing 12 posts - 16 through 27 (of 27 total)
1 2
  • Author
    Posts
  • June 22, 2016 at 5:10 am #10176
    Suman M.
    Post count: 12480
    This reply has been marked as private.
    June 24, 2016 at 8:27 am #10245
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    June 24, 2016 at 11:27 am #10262
    Hassan
    Post count: 955

    Hello there,

    I can’t see wp-admin. Please make Simon a trusted user or disable HMWP so I can go to wp-admin.

    June 25, 2016 at 1:42 am #10273
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    June 26, 2016 at 1:56 pm #10298
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    June 27, 2016 at 9:33 am #10321
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    June 30, 2016 at 11:58 am #10383
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    June 30, 2016 at 7:20 pm #10392
    Suman M.
    Post count: 12480
    This reply has been marked as private.
    July 1, 2016 at 6:06 am #10403
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    July 1, 2016 at 5:04 pm #10419
    Hassan
    Post count: 955

    Sorry for delay,

    I found the problem. It was caused by Tevolution which is used by the theme.

    They do not use standard WP AJAX and create a their own Ajax wrapper. This wrapper pretends itself as a wp-admin file but you already hided wp-admin files by HMWP!

    The easiest way to solve the problem is disabling hide wp-admin in HMWP. I can also edit Tevolution to stop pretending as a wp-admin file but it may cause other problems.

    I also enabled Trust network it’s very simple yet powerful.

    July 2, 2016 at 4:42 am #10423
    Eli_N
    Active
    Post count: 16
    This reply has been marked as private.
    July 2, 2016 at 3:38 pm #10427
    Hassan
    Post count: 955

    You’re absolutely right about the delay and I apology for that but regarding the problem:

    Security by nature is complex. You already used software who require you to first disable firewall or antivirus and then you them. This doesn’t mean those security software are buggy. You also see other WP security plugin which under some fields mentioned this feature may break your site. This is called false positives which is a known and accepted issue in security softwares. Of course, we try to minimize these kind of problems but there is technical limitation.

    Here we have a file which pretends something which is not. They use their own AJAX file instead of standard file provided by WP (admin-ajax.php). This doesn’t mean they do it wrong but strange and this is enough to break the process.

    Finding this kind of problems is hard. Honestly. this means hours of going up and down in code written by others and you have no idea about it. At its best your plugin became compatible for additional %0.01 of users.

    Anyway, here is our latest beta version which added that file as a whitelist. Not the best way but it should work.

    Attachments:
    You must be logged in to view attached files.
  • Author
    Posts
Viewing 12 posts - 16 through 27 (of 27 total)
1 2

You must be logged in to reply to this topic.