Don’t forget our last post if you can’t login!
So since last “Maintenance Friday™”, A lot of bugs came crawling out of the solid ground that is the base of our website.
Knowing that it would be too much to fix in one evening, I decided to spend multiple in order to keep this update as simple and clean/fast as possible.
However… I did not take into account all the things other developers could possibly mess up.
Which also confirmed how important it is to have your code well documented and to keep your plugins up to date.
I myself was faulty in this as well, with the very nice id card and group plugin throwing that kept flooding the error log.
Trying to fix this on the local copy of the website, resulted in a rabbit hole of many files being edited and red flags going up all over the place.
Since every change you make to the core of an open source system or someone else’s plugin, means that you will have to take care of that with EVERY update you can get.
All in all, not a good thing to do if you don’t have the time to take responsibility over your actions.
Another thing I overlooked was the sidebar login plugin.
I was told by people in the live chat, that even after resetting their password due to the last mayor update, they were unable to login.
It took me over an hour to realize that this was due to a security feature that I activated myself.
Both the default login page and the login form in the forums showed an extra security feature, requesting you to complete a math problem (apple + banana = fruit salad).
This was due to an incomplete setup of the security feature and actually requiring me to jump into an external system to complete the setup.
As long as I can’t connect to my own server to validate the authenticity of your visitors, they will have to prove themselves by doing math!
And I don’t know how to connect as long as you won’t provide me with an API key you need to collect from my server.
So you can go sit on a cactus or complete this task, you moron!
– WordPress Jetpack (2016)
You forget to finish one API connection, and the main issue you wanted to solve only gets more idiotic to get through…
That being mentioned, a few things to sum this all up:
- The sidebar login works now
- The website has been made more secure by extra logging and more checks (in the background).
- A LOT of bugs have been fixed and the responsible parties have been notified.
- We are still looking into a possible solution to have the website even more secure.
- I am an idiot for not testing everything before I wrap things up :)
- I am also planning on having the division plugin updated somewhere within the next few weeks!
Now if you don’t mind… I’m going to get me some extra bananas for the weekend :)