BuddyPress.org

Also, the “security issues” as far as the ticket indicates, are not applicable to the version WordPress uses. Meaning that WordPress is updating to the versions without those issues.

We already have a ticket for this: https://buddypress.trac.wordpress.org/ticket/9044

This was fixed and will be released as part of BuddyPress 14.1. https://buddypress.trac.wordpress.org/milestone/14.1.0

@martenw

Hi there, would you like to open a bug report in trac for this?

https://buddypress.trac.wordpress.org/

@mike8022 It’s certainly something something that I’ve done, because removing items from search can really hit large servers, it’s a known performance issue. So it’s better to not offer search to the bots, so that you can have a more nuanced approach to search for logged in users, and also for people visiting the site. A bot should not ne using search at all, in fact this is a primary part of a DOS attack, to het WordPress constantly searching for none existent pages. So what I’m thinking for my plugin, is to exclude bots from all searches, to give logged in users full search, and to have controls on what site visitors are able to search for. Included in this is the need to have control over the xml sitemap, and to enable hard rules for exactly what site visitors are allow to search for. Include in this a strategy of honeypots and other traps for those with prying eyes.

bbPress tags seem be a bit of a target, as a lot of the security solutions out there do not cover them. it pretty simple to turn those off for not logged in users, and also to choose to turn them off just for bots I reckon, but it shows a comprehensive approach is needed I reckon, and this DOS attack I’m looking at currently is helping my ideas gel into that comprehensive approach. As I see it, ideally, next time I get an attack, I’ll have a single page allowing me to lock down the entire site if I need to.

Hello @patlife

To access your account and website on WordPress.com, take the following steps:

Visit the WordPress.com homepage.
Click “Log In” in the upper right corner.
In the box provided, enter your account’s email address or username. More in-depth details are here: https://wordpress.com/support/log-in-to-wordpress-com/

If the above details are unable to fulfill your asking, share more details on what exactly you are looking for.

We have a fix in progress: https://buddypress.trac.wordpress.org/ticket/9221

Currently, there isn’t any updated documentation regarding Avatar’s. There is some outdated info/documentation which is missing some information and is inaccurate with other information. A goal of the BuddyPress Team (BP) is to make documentation available that is current and accurate. That stated this will be on my TODO list to release documentation regarding Avatars, although what I’m covering here would be considered a “developer” handbook chapter.

In the meantime, there are a number of CONSTANTS that define the size (Width x Height) of various aspects of an Avatar, some of which you already know. There are other parameters that specify the “quality” during a resize and/or cropping process and these processes utilize WordPress to accomplish these tasks.

For example the CONSTANT – BP_AVATAR_ORIGINAL_MAX_WIDTH – default set to 450 – triggers a resize of an uploaded image that exceeds the size defined by this CONSTANT at a “quality” level of 90 (default). In your case, the 610 x 610 image is resized to 450 x 450 at a “quality” level of 90. Assuming defaults for thumb (50) and full (150) the image (450 x 450 @ 90) is cropped based on the cropping boundary box to the sizes for thumb and full at a “quality” level of 82 (default). In this example, your 610 x 610 image has undergone 2 processes that has reduced the “quality” twice.

To mitigate the degradation process, you could set BP_AVATAR_ORIGINAL_MAX_WIDTH equal to or greater than 610. The point being this would be the max width size before triggering a resize. This now leaves the cropping process at a “quality” level of 82, of which, you could mitigate by setting the JPEG “quality” level to something greater than 82 (max would be 100), assuming that you are uploading a jpg/jpeg image. This is defined at the following URL:

jpeg_quality

I’ll assume you know how to create a filter with a callback to return the desired “quality” level. Whether what I’ve outlined will satisfy your requirements for not being “horribly blurry” is yet to be determined because there may be another reason for “horribly blurry” and this just represents another “process of elimination” step/stage.

Hello @thesupercargo

By the nature of the scenario, there is a chance it’s an isolated scenario that is present in your environment. To get the root, if possible check by yourself by mentioning those mention who are not getting the link. As you mentioned there doesn’t seem to be a pattern, I believe you have done that already and you made sure that there aren’t any spaces, and such a scenario.

Now, you can check theme/plugin conflicts. Although there is a very low chance that there would be conflicts still. To do that, you can try this plugin: https://wordpress.org/plugins/health-check/ Also please consider checking WP-Admin->Settings-> Discussion to see where there is any moderation for those users.

If the above are all good, consider checking whether there is any location or any other restrictions from the server side. I haven’t faced such a scenario as well, that’s why, I am curious as well to know what exactly is root cause.

Perhaps I need to create a new post for this or find the relevant one, but the Avatar and Cover images are showing blurry. I tried adding this code to my functions file (via snippets plugin) and it did nothing. I need to change the quality of the images to 100% not be so blurry. How do I tell BuddyPress to use the full image and just scale it down to fit the image size vs. using the thumbnail size, since typically in WordPress those images are horribly blurry.

Here’s the code I added which only alters the image sizes not QUALITY.

<?php

// Define Buddypress Avatars Dimensions.
if ( ! defined( 'BP_AVATAR_THUMB_WIDTH' ) ) {
    define( 'BP_AVATAR_THUMB_WIDTH', 50 );
}

if ( ! defined( 'BP_AVATAR_THUMB_HEIGHT' ) ) {
    define( 'BP_AVATAR_THUMB_HEIGHT', 50 );
}

if ( ! defined( 'BP_AVATAR_FULL_WIDTH' ) ) {
    define( 'BP_AVATAR_FULL_WIDTH', 150 );
}

if ( ! defined( 'BP_AVATAR_FULL_HEIGHT' ) ) {
    define( 'BP_AVATAR_FULL_HEIGHT', 150 );
}
@whynotadv
Comment

Thanks Venutius, I spent some time using your code along with ChatGPT and this seems to have worked for me, all the feeds are gone….maybe this will help someone else!

function disable_all_rss_feeds() {
    // Disable all WordPress feeds
    function disable_all_feeds() {
        wp_die(__('No feed available, please visit the <a href="'. get_bloginfo('url') .'">homepage</a>!'));
    }

    add_action('do_feed', 'disable_all_feeds', 1);
    add_action('do_feed_rdf', 'disable_all_feeds', 1);
    add_action('do_feed_rss', 'disable_all_feeds', 1);
    add_action('do_feed_rss2', 'disable_all_feeds', 1);
    add_action('do_feed_atom', 'disable_all_feeds', 1);
    add_action('do_feed_rss2_comments', 'disable_all_feeds', 1);
    add_action('do_feed_atom_comments', 'disable_all_feeds', 1);

    // Remove RSS feed links from the header
    remove_action('wp_head', 'feed_links', 2);
    remove_action('wp_head', 'feed_links_extra', 3);

    // Disable BuddyPress feeds
    remove_action('bp_activity_feed', 'bp_activity_action_sitewide_feed');
    remove_action('bp_activity_sitewide_feed', 'bp_activity_action_sitewide_feed');
    remove_action('bp_member_activity_feed', 'bp_activity_action_sitewide_feed');
    remove_action('bp_group_activity_feed', 'bp_activity_action_sitewide_feed');
    remove_action('bp_member_feed', 'bp_dtheme_activity_feed');
    remove_action('bp_group_feed', 'bp_dtheme_group_activity_feed');

    // BuddyPress Nouveau template pack feed removals
    remove_action('bp_nouveau_group_header_meta', 'bp_nouveau_group_meta', 50);
    remove_action('bp_nouveau_group_header_meta', 'bp_nouveau_group_meta', 50);
    remove_action('bp_nouveau_action_activity_content', 'bp_nouveau_activity_feed', 5);

    // Disable BuddyPress members feeds
    remove_action('bp_members_directory_members_feed', 'bp_members_feed');

    // Disable BuddyPress groups feeds
    remove_action('bp_groups_directory_groups_feed', 'bp_groups_feed');
    remove_action('bp_group_activity_feed', 'bp_group_activity_custom_feed');

    // Disable BuddyPress blogs feeds
    remove_action('bp_blogs_directory_blogs_feed', 'bp_blogs_feed');
    remove_action('bp_blog_comments_feed', 'bp_blog_comments_custom_feed');

    // Disable BuddyPress forums feeds
    remove_action('bp_forums_directory_topics_feed', 'bp_forums_feed');
    remove_action('bp_forums_topic_feed', 'bp_forum_topic_custom_feed');
}
add_action('bp_init', 'disable_all_rss_feeds', 1);

// Disable BuddyPress Nouveau feeds
function disable_buddypress_nouveau_feeds() {
    remove_action('bp_nouveau_activity_feed', 'bp_nouveau_activity_feed');
    remove_action('bp_nouveau_group_feed', 'bp_nouveau_group_feed');
}
add_action('bp_init', 'disable_buddypress_nouveau_feeds', 1);

// Disable pingbacks and trackbacks for privacy
add_filter('xmlrpc_methods', function($methods) {
    unset($methods['pingback.ping']);
    return $methods;
});

add_filter('wp_headers', function($headers) {
    unset($headers['X-Pingback']);
    return $headers;
});

add_filter('pings_open', '__return_false', 10, 2);

// Remove RSS feed div by ID and class using jQuery
function remove_rss_feed_div() {
    if (is_buddypress()) {
        ?>
        <script type="text/javascript">
        jQuery(document).ready(function($) {
            $('#activity-rss-feed.feed').remove();
        });
        </script>
        <?php
    }
}
add_action('wp_footer', 'remove_rss_feed_div');

add_filter( 'bp_rest_api_is_available', '__return_false' );

@briebree I’ve been developing a plugin which you may want to check. It doesn’t give option to choose different avatars, but it does allow members to join groups anonymously.

BuyddyBoss & BuddyPress Anonymous members Plugin

It is not in the wordpress.org plugin repository yet, thanks to a huge list of plugins awaiting review.

ok, the quick fix is to install – https://wordpress.org/plugins/disable-feeds-wp/

So long as this is set to redirect to the homepage (in settings>>Reading), then is will redirect all feed requests to the referring page.

However, those feeds are still being produced, and I have found a filter to disable them completely.

‘bp_is_action_variable’

I’ll see if I can come up with some code for this later.

Hi,

For the activation email issue, check your BuddyPress and WordPress settings to ensure emails are configured correctly. Also, look for plugin conflicts that might be affecting it.

For the profile redirection problem, verify that your website URL settings in WordPress and BuddyPress are correct. Double-check the URL configurations to ensure they point to your site.

If you need more help, contacting support might be a good next step.

Thank you, but after updating the plugin to the lattes version, a notification message is stacked at the top of my WordPress admin dashbored as follows:

(For BuddyPress Multilingual to work you must enable WPML together with BuddyPress or BuddyBoss.)

—————————————-

even the WPML and BuddyPres are already active and working

That’s interesting, I don’t have this issue myself as far as I can see. Certainly, using the Android “app” that I use, it’s fine. My theme does not touch the WordPress top=bar menu, as far as I can see. I use Graphene.