Ultimate Member – JTC and Login Security not working

Home Forums BulletProof Security Pro Ultimate Member – JTC and Login Security not working

This topic contains 2 replies, has 2 voices, and was last updated by  AITpro Admin 4 months, 3 weeks ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #37429

    Jeff
    Participant

    [Edit by AITpro Admin – The title of this forum topic has been changed to a more relevant topic title]
    Hi,

    I have a very similar problem to Rob Bernstein.

    I have installed BPS Pro installed onto several sites.  Captcha working fine for all http sites.   This problem arises only on sites with a SSL Certificate (ie. https).

    • The captcha field is displayed
    • If username, password and captcha fields are blank – submit error ‘Incorrect CAPTCHA Entered’ – which is correct.
    • If username, password are entered and captcha is left blank or incorrect form submits successfully – which is incorrect.

    It’s gotta be something to do with https.

    I have used activation codes appropriate for the https URLs in these cases.

    Any suggestions?

     

    #37431

    AITpro Admin
    Keymaster

    I got your websites to check from your forum email address.  This site:  pros…com.au has a problem with the www to non-www rewriting, which is a separate problem I think.  Your SSL Certificate for this site is for the www domain and not the non-www domain (just the root domain without www). Typically an SSL Certificate should be using just the root domain name without the www domain.  When I type in www and attempt to login, www is removed and I am redirected to the non-www URL.  JTC is not working at all, but I don’t see any obvious causes for that problem.  Do you have a WordPress SSL plugin installed?  Make sure your WordPress > Settings > General page settings are correct for:  WordPress Address (URL) and Site Address (URL).  Also you should add this BPS SSL/HTTPS Rewrite htaccess code in BPS Root Custom Code > https://forum.ait-pro.com/forums/topic/wordpress-ssl-htaccess-code-rewrite-ssl-rewritecond-server_port/#post-7233

    I guess it is possible that these SSL issues could be causing the problem with JTC. In any case, the SSL issue needs to be fixed and if that fixes the JTC problem then great. If not, then I will continue troubleshooting this problem.

    Update:
    I just noticed that you have this Members plugin installed > Ultimate Member, but I don’t see the Registration or Login page for this plugin.  Typically Membership plugins and themes override BPS Login Security and usually JTC as well.

    Update:
    I just checked and both of your HTTPS/SSL sites have the Ultimate Member plugin installed on them.  Most likely this is the common denominator and not SSL/HTTPS.

    Update:
    Ok so if I manually put in the URI’s for Ultimate member: /register/ and /login/ I can access the Ultimate Member Registration and Login page. BPS Login Security is not working on the UM Login page. I will download and test the Ultimate Member plugin tomorrow. I assume that the Ultimate Member plugin is overriding both BPS Login Security and JTC.

    #37445

    AITpro Admin
    Keymaster

    Oops forgot to post the results of testing the Ultimate Member plugin.  The Ultimate Member plugin overrides BPS Login Security and JTC Anti-Spam|Anti-Hacker.  WordPress Login processing is done using WordPress Login Hooks – Actions and Filters – that hook into the WordPress login process.  WordPress Login processing is a special case and only 1 plugin or theme is allowed to use the WordPress Login Hooks to handle/process logins. Unfortunately, that means that both BPS Login Security and JTC Anti-Spam|Anti-Hacker are being overridden by the Ultimate Member plugin and they are basically “cancelled out” since the Ultimate Member plugin is taking control of all WordPress Login processing using the WordPress Login Hooks.  This is not a problem or conflict and is unfortunately just what is with WordPress Login processing.  I checked the Ultimate Member plugin settings and do not see any options to add Login Security or a CAPTCHA.  You may want to contact the Ultimate Member plugin author and request that they add Login Security and a CAPTCHA feature for their plugin.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.