Thank you very much, i'm a greenhorn! 😉

You can of course copy/paste block of ip addresses into apache (with the apache config OR htaccess) with 'deny from' rules.

I found https://www.countryipblocks.net/acl.php that can generate htaccess rules even.

That seemed to do the trick - thanks so much @girish 🙂

Is this still an issue?

@bmann said in WordPress Migrate Feedback, SMTP Mailer Instructions:

This is a restriction in the All-in-One WP plugin

Like @scooke says, if we're talking about the same plugin, it isn't. As I said, I recently did one over 1GB.

Closing a loop ...
The oldest version of LAMP here runs PHP 7.4
The site with old software is running PHP 7.0
I was not sure whether 7.4 is old enough, or whether the backup/migrate would fail on that version difference also.
Not wanting to waste time going down unproductive paths, I deployed a docker container running Wordpress and PHP 7.0 and I've managed to get a restore from the AWS site running.
Now in process of upgrading PHP so I can then backup/restore to a Cloudron WP Developer with current software versions.

Thank you for your suggestions - got me going in the right direction.

Thanks @girish.

@corsacca yes, multisite can do this. The original question wanted to install 2 separate apps and share the db table. This is not possible.

@bmann Cal Video does sound good. No objection to paying for anything. It's per-user pricing that often deters, when most users are very occasional, so the value for each is not the same, but the cost is. It corrupt the way apps are used, as you add an overhead for user license management, and often will create shared users to avoid per-user costs. Until the end of time, I will never charge or happily pay per-user pricing. It's a tax on usage, which is the antithesis to value, especially when there's zero marginal costs to the creator.

@imc67 said in Wordpress apps: authLdap plugin Cross-Site Request Forgery:

There is a new version with one of two issues patched

And I note that the other issue "only impacts multi-site installations and installations where unfiltered_html has been disabled."

As per https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/authldap/authldap-258-authenticated-administrator-stored-cross-site-scripting

Also from that page, it sounds like it is only people who are already logged in Admins and above could take advantage of it:

makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

So if you trust your Admins it doesn't really seem to be an issue (in my case this is normally only me and I both trust myself and don't have the tech skills to take advantage of this potential exploit), hence why the author of the authLDAP plugin doesn't seem to bothered by it.

Are you seeing any errors in the browser console or app logs when that happens?

@marcusquinn said in IndieWeb plugin(s) - interesting concept for WordPress -> MicroPub:

What is the IndieWeb?

The IndieWeb is a people-focused alternative to the "corporate web".

Your content is yours

Yeah, pretty much the idea behind adopting and deploying FOSS apps also.
And all indie folks in soul should also be member of this very interesting forum, namely Indie Hackers.

Just stumbled on this, thought people might find interesting.

👍
EDIT: Forgot to mention, that plugin is a great find @marcusquinn

@girish said in Set php.ini memory allocation to match Cloudron memory allocated:

@micmc If it helps: setting memory limit for an app (at the Cloudron level) is like creating a virtual server with that much memory. So, if you allocate 2GB, it's like creating a 2GB server. Inside this 2GB server, there is apache running.

Wow, that's amazing!
And, with the rest of the explanation, it makes it more clear of how this works and how we can better know what we are doing while trying to cope with apps' memory.

I am using this one too - very happy with it 🙂

Allright, thanks !!

@girish From 150 to 256, from 256 to 512, now 1024 Mb... Now I deactivated Wordpress Redis Plugin and stopped service under App > Services.

Yeah, deep in the rabbit hold on research on this. There's nothing that distracts me more than something that has a score attached to it 😂 (not competitive all all 🙂 )

Trying to get a clean sheet of green on this:

https://inspectwp.com

Given WordPress is perhaps the most popular self-hosted app of all, be great to have the Cloudron setup as perfect as possible, particularly for WordPress. So many more expensive options out there charging per site. Lots of wins possible from being able to proclaim the best WP setup possible 🙂

@girish Thank's Girish

On an unrelated note, there's an option in WP dash > Updates to have it auto-install new releases. I noticed some of my sites have that enabled and some don't. It's not a problem, but I mention it because maybe that should be disabled/hidden somehow since this should be handled by the packaging updates.

image.png

Edit: just noticed your latest reply, so I guess WP was auto-updating most of my sites and I thought the packaging was doing that.

Yet, it's very simple to install so I can't see why you went through all the hops.
Just install the plugin, then put in the SMTP credentials found in credentials.txt in the app root in "Other SMTP", done. Host is Mail, port 2525 no SSL nor TLS.