Alleged conflict between Clearfy remove comments function and JTC AntiSpam

Home Forums BulletProof Security Pro Alleged conflict between Clearfy remove comments function and JTC AntiSpam

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
  • #38443

    Hello AIT-pro,

    I’m a self-taught WordPress user with limited coding skills. I am new to Bulletproof and I am really glad it makes security via htaccess so easy that even I can make it work in a few clicks (thank you).

    While playing in a Laragon staging site, I may have found a conflict between: BPS-PRO JTC AntiSpam and Webcraftic Clearfy Remove HTML Comments function.

    When “Remove HTML Comments” is active, JTC’s tooltip doesn’t display properly. Instead, the hint message appears as a sliding text in the bottom-left side of the screen. The issue is almost as described in #post-19510 but with no tooltip at all (I have an almost identical screenshot, but I can’t figure out how to post it). No errors recorded in BPS or debug logs. I could stage it in a fresh WordPress install featuring only both plugins’ settings active at the same time.

    It seems to me that Clearfy is preventing JTC’s output from showing properly by accidentally removing some required lines of code. So, the quick fix (for BPS users who might need it) is to disable Clearfy’s remove HTML comments functionality. JTC’s tooltip immediately starts working again as expected.

    I chose to report this issue because the alleged conflicting functionality seems quite popular in optimization, minification and caching plugins. My concern is that JTC may be targeted by set-and-forget plugins, but I haven’t tried it yet and I’m not clever enough to find out why. Clearfy functionality hints state that it doesn’t target “special comments”. If this was true for other similar plugins, there may be a way to prevent JTC’s Tooltip from breaking in a similar scenario.

    I hope it makes sense,

    Kindest Regards, GdS.

    AITpro Admin

    Thank for reporting this.  We will test the Clearfy plugin to see what is going on.

    AITpro Admin

    Testing will begin shortly.  I will post the results after testing.  I noticed the Clearfy plugin does these things below, which you never want to do because Query Strings are cached by Browsers.  If you remove the Query Strings file versions then Google and other Browsers will display the old js, CSS code and not refresh your website cache based on the new Query String version #.

    • Remove Style Files Version — complicates the process if someone wants to hack your site.
    • Remove Javascript Files Version — it is more difficult to determine the version of installed plugins and hack the site.
    • Remove Querystrings — helps with the caching of JS and CSS and increase the speed of website load.

    You also never want to disable the WordPress Heartbeat API since most plugins and themes use WordPress Crons. Disabling the WordPress Heartbeat API will break all WordPress Crons in all plugins and themes.

    • Disable WordPress Heartbeat API — completely disables the Heartbeat API WordPress function.
    AITpro Admin

    Testing completed – Results are below:

    The Clearfy plugin is not compatible with BPS Pro, but is compatible with BPS free. The Clearfy plugin tries to interfere with BPS Pro functionality and by doing so it makes its own Clearfy options settings page display blank. Now that is ironic.

    Notes: In general the Clearfy plugin disables or turns off a lot standard WordPress features and functionality.
    There are potentially many problems that could occur for anyone who uses this plugin. It has the potential to break many plugins and themes and worse it does not include debugging tools.
    This is the type of plugin that you need to pay extra attention to for each option setting that is used. ie test, test, retest and test again all of your other plugins and your theme when you enable each of the Clearfy plugin option settings.

    CAUTION: The Clearfy plugin compresses/minifies js scripts, which is known to break things in many plugins and themes.

    The Remove HTML Comments option setting is under the Defence menu:
    The Clearfy plugin does not remove the inline jQuery code for BPS JTC, but does remove the JTC CSS code. JTC does not display correctly due to Clearfy removing the inline JTC CSS code.
    Workaround or Permanent Solution: None. The JTC CSS code MUST be loaded inline. The Clearfy Remove HTML Comments option setting cannot be used with BPS JTC.


    @AITpro_Admin , excellent explanation!

    Thank You for your dedication and precious advice.

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.