Bugs Report BulletProof Plugin

Home Forums BulletProof Security Free Bugs Report BulletProof Plugin

This topic contains 10 replies, has 2 voices, and was last updated by  Nam 7 months ago.

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #34291

    Nam
    Participant

    1. Login  Function :

    The number remaining is not right in case user logins fail the first time

    Preconditions: Login page is displayed
    Step: Input valid account and wrong password

    Actual: System shows remaining 0
    Expect: System shows remaining 5

    Noted: This issue only appears in the first time user login fail

    2. System

    After being unlocked automatically, the status of the account
    is not updated

    Preconditions:
    – User has been locked account
    – Administrator configures [Automatic Lockout Time] field = 10 minutes

    Step:
    1. Administrator opens “Login Security” page under “BPS Security” in Left Menu
    2. Verify status of account after being locked
    3. Wait 10 minutes, refresh page and verify the status of the account

    Actual: After being locked account 10 minutes, the status of the account in list is not updated from Locked to Unlock
    Expect: The status is updated from Locked to Unlock

    3. Administration functions

    The system shows 2 records for one account after Administrator unlocks locked account

    Preconditions:
    – User has been locked account
    – Administrator login to the system

    Step:
    1. Administrator opens “Login Security” page under “BPS Security” in Left Menu
    2. Administrator checks Unlock checkbox of the locked account and click Submit button.

    Actual: The account was locked, Administrator unlocks the account, the list appears 2 records of the account
    Expect: Only has 1 record of the account

    4. Login page

    The system shows an error message on the top and the login form is left align when user logins fail the first time.

    Noted: This issue only appears on Design site

    Please check these bugs are reported and inform to me as soon as available because of this plugin is installed on my sites.

    #34295

    AITpro Admin
    Keymaster

    1. Known issue may or may not be changed.
    2. Login Security backend uses pure PHP coding and not any js or AJAX client-side real-time updating. When the lockout time expires for a locked user account then the next time the user logs in the locked status will be updated via PHP code. The locked status can also be changed by updating the PHP option setting form options from the backend form.
    3. This is necessary and normal behaviour and is not pending a change. There are many valid reasons why this normal functionality exists.
    4. Sounds like some sort of plugin or theme conflict.  Please explain the problem in more detail and list any plugins or themes that may be causing this problem.

    #34297

    Nam
    Participant

    Yes, I got it.

    Thanks for your quick reply.

    #34361

    Nam
    Participant

    Hi team,

    Many thanks for your commented again and so sorry for late reply for this question :
    Please explain the problem in more detail and list any plugins or themes that may be causing this problem‘.

    For more information about this error as follow :

    • The error message appeared on the top of the screen such as: ‘Undefined variable: remaining in login-security.php on line 750′ and the login form is left align when user logins fail the first time (break site’s responsive)
    • The list of plugins are using on the site are many but while we’ve checked so just the BulletProof Security plugin was activated. Therefore I thought whether Is there a conflict with any which plugins on the site?
    • We are using a customized theme that’s built by my team and we don’t have to see any conflict or kind of this bug ever before.

    Please help to check this bug for my team, many thanks and I’ll be happy to waiting for your response….!

    #34370

    AITpro Admin
    Keymaster

    Do you have WP_DEBUG turned On?  WP_DEBUG should only be turned On when debugging a website and should not be left turned On permanently.  Leaving WP_DEBUG turned On permanently will cause severe website performance problems and will cause plugins and themes to work incorrectly/malfunction.  ie WP_DEBUG will actually cause problems.  The correct usage for WP_DEBUG is to temporarily check for php errors occurring, note those php errors and then turn Off WP_DEBUG so that your website, plugins and themes can function normally/correctly.  Let me know if the problems are still occurring after your turn Off WP_DEBUG.

    #34412

    AITpro Admin
    Keymaster

    This bug has been fixed in BPS 2.8:  “The attempts remaining number is not correct when a user login fails the first time”.  This fix also fixes the Notice: Undefined variable: remaining in /xxxxx/wp-content/plugins/bulletproof-security/includes/login-security.php on line 754 PHP Error when WP_DEBUG is turned On.

    #34414

    Nam
    Participant

    Yes, I’ve checked again and WP_DEBUG is turning On because I’m using on staging environment for test.
    Many thanks for your response and I’ll work on it so if we have issues I’ll inform you to get to know your support.

    Thanks, the team once again.

    #34415

    Nam
    Participant

    “This bug has been fixed in BPS 2.8:  “The attempts remaining number is not correct when a user login fails the first time”.  This fix also fixes the Notice: Undefined variable: remaining in /xxxxx/wp-content/plugins/bulletproof-security/includes/login-security.php on line 754 PHP Error when WP_DEBUG is turned On.”

    Sorry If this has any inconvenience but I can’t see BPS version 2.8 on WordPress Plugins Forums, the latest version on the market is 2.7 now. Can you let me know What time this version is released?

    #34417

    AITpro Admin
    Keymaster

    BPS 2.8 will be released today at 5pm PDT.

    #34431

    Nam
    Participant

    Yes, I see. Many Thanks!

    #34791

    Nam
    Participant

    Hi Team,

    First I want to say many thanks for your support about previous bugs that I’ve reported.

    But during I’m using the plugin, I saw something error when login to my account is locked by the first time and everything is good and then the second login again after this account was locked, the number of remaining is displayed not like my expected before.

    For example:

    First time: My account is locked after trying login too many failed and locked out for 5 minutes.

    Second time: After 5 minutes, my account is unlocked and I’ve login again but for the first time the number remaining is -1, -2…..although it should be the number that I’ve set in administrator function.

    Please help me to solve this issue. Many thanks again and I’ll be happy waiting for your support.

     

Viewing 11 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic.