JTC Anti-Spam|Anti-Hacker – Read Me First

Home Forums BulletProof Security Pro JTC Anti-Spam|Anti-Hacker – Read Me First

This topic contains 65 replies, has 15 voices, and was last updated by  Paul 1 year, 3 months ago.

Viewing 15 posts - 16 through 30 (of 66 total)
  • Author
    Posts
  • #21675

    jenni101
    Participant

    [Topic has been merged into this relevant Topic]

    Hi there,

    Just a minor glitch that I thought you should know… I have buddypress + s2member as plugins (+ others) and would like to enable the JTC antispam CATPCHA for the BP login sidebar widget.

    But if I select either the BuddyPress Register Form OR BuddyPress Sidebar Login Form as an option in JTC settings, it enables it but then doesn’t show it – so no captcha can be added (as it’s not seen) so it throws an error and you can’t login.

    It doesn’t effect or show in the BP login menu link; it shows and is fine in the BP register link – but just not in the BP login widget.

    NB: this happens even if i only select to enable it in the BuddyPress Register Form, and NOT in the BuddyPress Sidebar Login Form.

    It’s not a big deal for me at present, as i just have to not use the JTC catpcha on any BP forms, but i thought you should know – though of course it might be a conflict with something on my site I guess too? So please ignore this if this is the case.

    Thanks 🙂

    #21709

    AITpro Admin
    Keymaster

    Sorry for the late response.  Having ISP and email issues for the last couple of days.  Fun stuff.
    If JTC is not displaying correctly then yep it is going to be a conflict with another plugin.  Most WordPress Hooks – actions and filters can be shared by several plugins at the same time, but the WordPress “authenticate” filter: add_filter('authenticate', 'bpspro_wp_authenticate_username_password', 20, 3); is a different case. What happens when different plugins are calling the “authenticate” filter is that one plugin will always override another plugin that is also calling this filter. So most likely it is going to be s2Member. Since s2Member needs to handle all login processing because it is a membership plugin for a members site then you of course want to allow s2Member to have full control of all login processing.
    http://forum.ait-pro.com/forums/topic/bulletproof-conflict-with-s2member/

    #21712

    jenni101
    Participant

    OK, thanks for the lowdown on this.

    Cheers.

    #27470

    Zsolt Edelényi
    Participant

    [Topic has been merged into this relevant Topic]
    I turned on JTC on comment form, but the captcha appears below the submit button by default. How can I put it above the submit button?

    #27481

    AITpro Admin
    Keymaster

    @ Zsolt EdelĂ©nyi – See the beginning of this forum topic and also the Read Me help button in JTC Anti-Spam|Anti-Hacker for how to change the CSS position for the JTC form fields for your Comments template.

    #27484

    Zsolt Edelényi
    Participant

    Thank you for your answer, but there is a misunderstanding, Here I clarify my question. The problem is the order of input fields in html code. The errorneous order is the following:
    input class=”comment” type=”text”
    input class=”submit botton” type=”text”
    input class=”jtc captcha” type=”text”

    The correct order should be:
    input class=”comment” type=”text”
    input class=”jtc captcha” type=”text”
    input class=”submit botton” type=”text”

    As you see, the captcha’s input field should preceed the submit button.My question: How I can change the order of the html input fields to have a correct html?

    #27486

    AITpro Admin
    Keymaster

    See the Comment Form CSS Styling help section at the beginning of this forum topic:  http://forum.ait-pro.com/forums/topic/jtc-anti-spam-read-me-first/#comment-form-css  The CSS code options for the Comment Form allow you to position the JTC CAPTCHA Form input text box anywhere you would like for it to be positioned instead of changing any HTML/PHP Form code.

    #27513

    Zsolt Edelényi
    Participant

    You did not answer my question: How I can change the order of the html input fields to have a correct html? My sites comply with WCAG 2.0 and VPAT, consequently the forms should have logic order of HTML fields.

    #27515

    AITpro Admin
    Keymaster

    If you want to change the actual HTML|PHP code you would edit your Theme files, but you do not need to do that since you can use the JTC CSS Options to change the order of the Form fields:  http://forum.ait-pro.com/forums/topic/jtc-anti-spam-read-me-first/#comment-form-css

    #27516

    Zsolt Edelényi
    Participant

    If you want to change the actual HTML|PHP code you would edit your Theme files

    Can you tell me how? Would you please give me code. Which action hook or filter shall I change or replace?

    you can use the JTC CSS Options to change the order of the Form fields:

    That is not change the real order, only the design. If you use the webpage with screen-reader, css is ignored.

    #27517

    AITpro Admin
    Keymaster

    I used these JTC Comment Form CSS Styling option settings and modified my Theme’s comments.php template to create a blank space for the new position of the JTC Title|Text and Input Text box. I tested this with Chrome and Firefox Accessibility tools and the form displayed visually correct. See screenshots below.

    JTC Comment Form CSS Styling option settings
    Comment Form Label: The JTC Title|Text above the Form Input text box
    position:relative;top:-95px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;

    Comment Form Input Text Box: The JTC CAPTCHA Form Input text box
    position:relative;top:-95px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px0px 0px;

    Theme comments.php template file – created blank space using 3 breaks:
    Added 3 breaks directly above the Input Submit Form button code.

    <br /><br /><br />
    <p><input name="submit" type="submit" id="submit" tabindex="5" value="Submit" class="sub_button" />

    comment-form-accessibility-chrome comment-form-accessibility-firefox

    #27531

    AITpro Admin
    Keymaster

    @ Zsolt EdelĂ©nyi – I also added another example of positioning the JTC Form above the Comment Form Submit button in the Comment Form CSS Styling help section at the beginning of this forum topic:  http://forum.ait-pro.com/forums/topic/jtc-anti-spam-read-me-first/#comment-form-css  The additional example uses the 2014 Theme for the example and shows the CSS stylesheet code changes needed to create a blank space for the JTC Form.

    #27547

    Zsolt Edelényi
    Participant

    Thank you. That’s sound good. I will test it and give you feedback. Probably I am beck in January.

    #27898

    Vastidious
    Participant

    [Topic has been merged into this relevant Topic]
    I’m a new Pro user and I’m just a little confused on what I should be doing. I get somewhere between 2-20 attempts daily from people trying to log into my WordPress backend which ends up locking my main account that I use to publish posts on the site. In order to prevent them from continually locking that account, what I usually end up doing is adding a “Deny from X.X.X.X” rule to the Current root and Current wp-admin htaccess files (in BPS Pro). If they are changing server IPs and they are a similar range I might add a shorter rule, “Deny from X.X.X.”.  This seems to solve the issues until the next one comes along and starts banging at the door.

    I believe there is a custom code I can put in place that prevents anyone from any IP except those I list from logging into the site. I have thought about using this code but I was just concerned about accidentally locking myself out. My home IP is not static but my work IP is. Plus on occasion I login and update the site from other locations (but not quite so frequently as in the past).

    So my question is, should I just go ahead and implement that fix to keep me from having to keep adding Deny rules?
    Is there a limit on how many deny rules I should add?
    Does BPS Pro automatically block repeat offenders if I don’t?
    I’m leaning towards just blocking the world and letting in those who need in.

    PS: If there is a video resource that goes through configuring each of the sections for best practices, that would be helpful. I have watch the basic configuration videos but they don’t really dig in like I was hoping. I was hoping for more of a walk through with someone telling me what the options are and what is the best settings. Helping me really understand what things do.

    I appreciate the work you’ve done. It’s been a great tool for protecting my sites, which is why I decided to purchase. Well worth the money. Thanks!

    #27901

    AITpro Admin
    Keymaster

    @ Vastidious – Typically enabling JTC Anti-Spam|Anti-Hacker is all you need to do to stop/block all automated Brute Force Login attempts and prevent user account lockouts.  Do you have JTC turned on/enabled?

Viewing 15 posts - 16 through 30 (of 66 total)

You must be logged in to reply to this topic.