|
Luciano
|
February 19, 2017 at 7:28 am
We problems with the site because google it is considering the add to cart form insecure and the wp admin as well.
I am pretty sure we don’t have any hacked files even that some ee core files are detected hacked by many antivirus:
/wp-content/plugins/event-espresso-core-reg/core/third_party_libs/dompdf/lib/html5lib/InputStream.php
/wp-content/plugins/event-espresso-core-reg/core/libraries/form_sections/strategies/validation/EE_Email_Validation_Strategy.strategy.php
/wp-content/plugins/event-espresso-core-reg/core/db_models/fields/EE_Email_Field.php
/wp-content/plugins/event-espresso-core-reg/core/db_classes/EE_Import.class.php
/wp-content/plugins/eea-mailchimp/includes/EE_MCI_Controller.class.php
/wp-content/plugins/eea-wp-user-integration/templates/eea-wp-users-registrations-table.template.php
/wp-content/plugins/eea-infusionsoft/xmlrpc-3.0/lib/xmlrpc.inc
The question is if it is anyway to use the form having the wp-admin folder protected.
Thanks,
|
|
Luciano
|
February 19, 2017 at 7:34 am
Sorry it was a silly question…
i fix it
<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any
</Files>
|
|
Josh
|
February 20, 2017 at 10:07 am
You’re correct in that the admin-ajax.php file needs to be allowed access on the front end of the website. See also:
https://www.wordfence.com/blog/2014/05/please-stop-password-protecting-your-wp-admin-folder-because-it-breaks-public-ajax-for-wordpress/
|
