Welcome to the forum:
Our moderators actively respond to forum support requests during normal business hours which are Monday-Friday, 8am - 5pm Central Standard Time, typically within one business day. Although some moderators choose to work during the weekends, we can not guarantee immediate attention to your requests. Thanks for understanding.
What is included with support:
Premium support includes theme/plugin issues such as: bugs encountered under normal operation, how to use basic features, basic WordPress help, and basic help with customization (meaning we point you to resources and will help in more depth as time allows). More information.
Monday, May 25 2015 is Memorial Day. Please note that the iThemes offices are closed during National Holidays.
Support will resume on Tuesday May 26.
Posted 07 August 2014 - 11:44 AM
I am just checking the iThemes Plugin which IMO is the the best plugin for WordPress if ure looking for a complete package.
But still, it has some flaws that should be fixed if you ask me, because they might give the user a wrong feeling about his/her safety:
- "User's nicknames are different from their display name.": Thats not true. Yes, it will prevent NEW users from choosing the same nick as their username or users editing their nick to their username. But for already existing users, this does not change anything. That is IMO a major flaw, because the admin account will be most likely not edited and you still have this issue.
- Why should I make my .htaccess writable? iThemes does not properly work if the .htaccess is not writable. I do not want this file to be writable, I may not want the apache process (and with it any malware) to be able to change this. WordPress can handle this when setting up permalink structure and tells you to edit the .htaccess file on your own.
iThemes tells me to contact support, but still, all features that were checked and need to change the htaccess tell the user to be enabled and give a wrong safety with this.
I think iThemes somehow needs to check if its settings are really applied to the htaccess file.
- Suggestion: Add disabling PHP execution in the uploads folder to One-Click setup. This is a feature that can really prevent malware to spread on your server after a user account has been compromised.
Thanks for the great plugin!
Posted 07 August 2014 - 03:08 PM
Thanks for the feedback, and kind words!
I've recorded your suggestions to our internal project management board and informed the developer.
Please let us know if you have any other suggestions.