This group will focus on Commons In A Box support issues.
One way to strengthen your WordPress install is to disable PHP execution from the /wp-content/uploads/ folder.
You can view this article to find out how to do so:
Most malware gets uploaded there and executed. The problem is finding out how these files are uploaded there…[Read more]
I’ve been the victim of multiple attacks recently, and while I don’t know that CBOX plugins are the point of entry, I can’t find any other vulnerability, and WordFence keeps shouting at me to update some of these plugins. I’m toying with updating manually by editing
wp-config.phpas Christian describes here but reluctant to create new headaches…[Read more]
Ray replied to the topic BuddyPress wiki doesn’t seem to play nicely with WordPress multisite in the forum Help & Support 1 week, 3 days ago
From what you say here:
Our expectation was that we’d be able to support multiple, discrete commons setups from a single WordPress install. However, we’re seeing some odd behavior.
It sounds like you require the WordPress Multi-Network plugin:
Plus, another BuddyPress plugin that sup…[Read more]
Chris Maden started the topic BuddyPress wiki doesn’t seem to play nicely with WordPress multisite in the forum Help & Support 1 week, 3 days ago
I started with a new WordPress site, configured as multisite, and installed CBOX from the WP dashboard, then installed the themes and additional plugins as recommended by the docs. See our test sandbox.
Our expectation was that we’d be able to support multiple, discrete commons setups from a single WordPress install. However, we’re seeing som…[Read more]
I’ve just run WPEngine’s PHP Compatibility Checker and found one small error:
In /wp-content/themes/cbox-theme/engine/includes/buddypress/bp-widgets.php on line 43 —
“ERROR | Using a variable argument on break or continue is forbidden since PHP 5.4”
There are also a few warnings for .php files with no PHP code.
What would it take to fix th…[Read more]
I’d like to add Keyring to this thread as a possible solution. It’s credited to Automattic (amongst others) so it should have decent support. To quote from the FAQ:
Keyring just provides a framework for handling connections to external services. You need to download another plugin which makes use of Keyring to do anything useful (e.g. an importer…
Jared – that is pretty much along the lines of what I was looking for…and combined with plugins that allow you to push outward to other social media networks…this would have worked well. Pity it isn’t working.
There was a really cool plugin that previously did this. It hasn’t been updated in a while, and doesn’t work anymore, but might be worth investigating if you were thinking of developing something:
The “Logo Position” setting radio button in the CBOX Theme Options doesn’t work. “Left” is okay. “Center” moves the logo left, partially off the screen, instead of centering it. “Right” puts the logo the same place as “Left” instead of moving the logo to the right side of the screen. This is with version 1.0.15 of Commons in a Box, and 4.7…[Read more]
Wasn’t thinking about anything specific…mostly just ideas to overcome the issue we’re having.
Lowest hanging fruit would be pushing specific twitter hashtags into a group’s activity stream (the idea being that the activities of the group extend beyond what is happening on the CBOX site…but the CBX site is acting as a hub of…[Read more]
A few thoughts:
1. What do you mean by “pull tweets into CBOX”? Are you thinking of something like what we have on the CUNY Academic Commons ( https://commons.gc.cuny.edu/twitter/ ), which pulls tweets from hashtags, user accounts, and lists onto a page, or are you hoping to have tweets feed into group feeds and notifications? I…[Read more]
You could try integrating IndieWeb with CBOX. You would probably have to use a compatible theme, since IndeWeb has some fairly stringent requirements regarding microformats. Also, I don’t think there’s much in the way of BuddyPress integration yet, but that might not be too hard to achieve.
Greetings all. In trying to grow our commons in a box-based community (commons.digitalarchaeology.msu.edu), we’ve had many people say that they like the idea, but just can’t cope with yet another network/platform/etc. A lot of our members and potential members are active on other social networks (primarily Twitter). So, we’re looking for wa…[Read more]
Hey Tom & Ray,
Thanks so much for your detailed replies. I’m going to go through them step-by-step tomorrow and see what additional things I can implement. I have cleaned the site with WordFence and it did find several files which appeared to be hacked. I’m not sure if it was a problem with plugins or something with the host. Like Tom it is all a…[Read more]
I forgot to mention your first point about staying safe.
I would disable access to WP’s
xmlrpc.php. Unless you’re using specific functionality from the Jetpack plugin or if you blog with the WP mobile app, you do not need to enable this functionality, which can be used to post spam and attack administrator passwords.
Similarly, you’d…[Read more]
A Cbox site I support was also hacked recently with what looks like similar results as your site.
Doing a Google search with the “site:” operator shows similar spammy results. ( site:planetearthlings.org ) Look several pages into the search results to see the spam.
I would not be too hasty to blame plugins – I feel like companies just…[Read more]
Sorry to hear your site got hacked.
To uninstall CBOX, just deactivate the plugin, then you can deactivate and remove all the other plugins that came with CBOX.
You can keep using the theme, but you’ll need to manually check for updates yourself on GitHub:
Our CBox site has been hacked twice in the past week. The webhost says it is more than likely due to problems with WordPress plugins. Have been uninstalling all plugins which aren’t totally necessary.
We originally created the site with the idea of using CBox/BuddyPress to have a social network, but due to the complexity of it in terms…[Read more]
- Load More