Home › Forums › BulletProof Security Pro › JTC Anti-Spam|Anti-Hacker
Tagged: JTC, JTC Anti-Hacker, JTC Anti-Spam
- This topic has 85 replies, 20 voices, and was last updated 2 years ago by AITpro Admin.
-
AuthorPosts
-
jenni101Participant
[Topic has been merged into this relevant Topic]
Hi there,
Just a minor glitch that I thought you should know… I have buddypress + s2member as plugins (+ others) and would like to enable the JTC antispam CATPCHA for the BP login sidebar widget.
But if I select either the BuddyPress Register Form OR BuddyPress Sidebar Login Form as an option in JTC settings, it enables it but then doesn’t show it – so no captcha can be added (as it’s not seen) so it throws an error and you can’t login.
It doesn’t effect or show in the BP login menu link; it shows and is fine in the BP register link – but just not in the BP login widget.
NB: this happens even if i only select to enable it in the BuddyPress Register Form, and NOT in the BuddyPress Sidebar Login Form.
It’s not a big deal for me at present, as i just have to not use the JTC catpcha on any BP forms, but i thought you should know – though of course it might be a conflict with something on my site I guess too? So please ignore this if this is the case.
Thanks 🙂
AITpro AdminKeymasterSorry for the late response. Having ISP and email issues for the last couple of days. Fun stuff.
If JTC is not displaying correctly then yep it is going to be a conflict with another plugin. Most WordPress Hooks – actions and filters can be shared by several plugins at the same time, but the WordPress “authenticate” filter:add_filter('authenticate', 'bpspro_wp_authenticate_username_password', 20, 3);
is a different case. What happens when different plugins are calling the “authenticate” filter is that one plugin will always override another plugin that is also calling this filter. So most likely it is going to be s2Member. Since s2Member needs to handle all login processing because it is a membership plugin for a members site then you of course want to allow s2Member to have full control of all login processing.
http://forum.ait-pro.com/forums/topic/bulletproof-conflict-with-s2member/jenni101ParticipantOK, thanks for the lowdown on this.
Cheers.
Zsolt EdelényiParticipant[Topic has been merged into this relevant Topic]
I turned on JTC on comment form, but the captcha appears below the submit button by default. How can I put it above the submit button?AITpro AdminKeymaster@ Zsolt Edelényi – See the beginning of this forum topic and also the Read Me help button in JTC Anti-Spam|Anti-Hacker for how to change the CSS position for the JTC form fields for your Comments template.
Zsolt EdelényiParticipantThank you for your answer, but there is a misunderstanding, Here I clarify my question. The problem is the order of input fields in html code. The errorneous order is the following:
input class=”comment” type=”text”
input class=”submit botton” type=”text”
input class=”jtc captcha” type=”text”The correct order should be:
input class=”comment” type=”text”
input class=”jtc captcha” type=”text”
input class=”submit botton” type=”text”As you see, the captcha’s input field should preceed the submit button.My question: How I can change the order of the html input fields to have a correct html?
AITpro AdminKeymasterSee the Comment Form CSS Styling help section at the beginning of this forum topic: http://forum.ait-pro.com/forums/topic/jtc-anti-spam-read-me-first/#comment-form-css The CSS code options for the Comment Form allow you to position the JTC CAPTCHA Form input text box anywhere you would like for it to be positioned instead of changing any HTML/PHP Form code.
Zsolt EdelényiParticipantYou did not answer my question: How I can change the order of the html input fields to have a correct html? My sites comply with WCAG 2.0 and VPAT, consequently the forms should have logic order of HTML fields.
AITpro AdminKeymasterIf you want to change the actual HTML|PHP code you would edit your Theme files, but you do not need to do that since you can use the JTC CSS Options to change the order of the Form fields: http://forum.ait-pro.com/forums/topic/jtc-anti-spam-read-me-first/#comment-form-css
Zsolt EdelényiParticipantIf you want to change the actual HTML|PHP code you would edit your Theme files
Can you tell me how? Would you please give me code. Which action hook or filter shall I change or replace?
you can use the JTC CSS Options to change the order of the Form fields:
That is not change the real order, only the design. If you use the webpage with screen-reader, css is ignored.
AITpro AdminKeymasterI used these JTC Comment Form CSS Styling option settings and modified my Theme’s comments.php template to create a blank space for the new position of the JTC Title|Text and Input Text box. I tested this with Chrome and Firefox Accessibility tools and the form displayed visually correct. See screenshots below.
JTC Comment Form CSS Styling option settings
Comment Form Label: The JTC Title|Text above the Form Input text box
position:relative;top:-95px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;Comment Form Input Text Box: The JTC CAPTCHA Form Input text box
position:relative;top:-95px;left:0px;padding:0px 0px 0px 0px;margin:0px 0px0px 0px;Theme comments.php template file – created blank space using 3 breaks:
Added 3 breaks directly above the Input Submit Form button code.<br /><br /><br /> <p><input name="submit" type="submit" id="submit" tabindex="5" value="Submit" class="sub_button" />
AITpro AdminKeymaster@ Zsolt Edelényi – I also added another example of positioning the JTC Form above the Comment Form Submit button in the Comment Form CSS Styling help section at the beginning of this forum topic: http://forum.ait-pro.com/forums/topic/jtc-anti-spam-read-me-first/#comment-form-css The additional example uses the 2014 Theme for the example and shows the CSS stylesheet code changes needed to create a blank space for the JTC Form.
Zsolt EdelényiParticipantThank you. That’s sound good. I will test it and give you feedback. Probably I am beck in January.
VastidiousParticipant[Topic has been merged into this relevant Topic]
I’m a new Pro user and I’m just a little confused on what I should be doing. I get somewhere between 2-20 attempts daily from people trying to log into my WordPress backend which ends up locking my main account that I use to publish posts on the site. In order to prevent them from continually locking that account, what I usually end up doing is adding a “Deny from X.X.X.X” rule to the Current root and Current wp-admin htaccess files (in BPS Pro). If they are changing server IPs and they are a similar range I might add a shorter rule, “Deny from X.X.X.”. This seems to solve the issues until the next one comes along and starts banging at the door.I believe there is a custom code I can put in place that prevents anyone from any IP except those I list from logging into the site. I have thought about using this code but I was just concerned about accidentally locking myself out. My home IP is not static but my work IP is. Plus on occasion I login and update the site from other locations (but not quite so frequently as in the past).
So my question is, should I just go ahead and implement that fix to keep me from having to keep adding Deny rules?
Is there a limit on how many deny rules I should add?
Does BPS Pro automatically block repeat offenders if I don’t?
I’m leaning towards just blocking the world and letting in those who need in.PS: If there is a video resource that goes through configuring each of the sections for best practices, that would be helpful. I have watch the basic configuration videos but they don’t really dig in like I was hoping. I was hoping for more of a walk through with someone telling me what the options are and what is the best settings. Helping me really understand what things do.
I appreciate the work you’ve done. It’s been a great tool for protecting my sites, which is why I decided to purchase. Well worth the money. Thanks!
AITpro AdminKeymaster@ Vastidious – Typically enabling JTC Anti-Spam|Anti-Hacker is all you need to do to stop/block all automated Brute Force Login attempts and prevent user account lockouts. Do you have JTC turned on/enabled?
-
AuthorPosts
- You must be logged in to reply to this topic.