The-SEO-Framework-Extension-Manager icon indicating copy to clipboard operation
The-SEO-Framework-Extension-Manager copied to clipboard

Published 20 hours ago verified publisher icon sybrew

Error code: 2001

Open vanndigital opened this issue 5 years ago • 5 comments

Describe the bug

To Reproduce Steps to reproduce the behavior:

  1. Go to 'WP Admin Dashboard'
  2. Click on 'SEO Extension Manager'
  3. Scroll down to 'the bottom of the SEO Extension Manager page'
  4. See error

Expected behavior

I'm getting this error message:

"Error code: 2001 — An error occured while verifying the options. Security keys have likely changed and enabled extensions are now inactive. If this error keeps coming back, please disconnect your account and try again."

Screenshots

Additional context

vanndigital avatar Sep 22 '19 22:09 vanndigital

Hello @vanndigitalnetworks!

This issue may happen when you update your wp-config.php AUTH keys, or when you change domains.

To resolve this, please hit the disconnect button under "Account and Actions" (you may need to scroll down) a few times until you're kicked back to the activation page. Then, you can reconnect. Reactivate the extensions you wish to use, and you're all set!

No extension-settings will be lost in this process.

If you're still facing issues, let me know! Cheers 😄

sybrew avatar Sep 23 '19 07:09 sybrew

But that's just it, I haven't changed anything (wp-config.php AUTH keys nor domains) I don't think.

But I'll see what happens today then reply if it happens again...

vanndigital avatar Sep 23 '19 13:09 vanndigital

So I've since uninstalled this plugin because I got tired of having to disconnect it then reconnect it every few days because of this same error...

vanndigital avatar Oct 01 '19 20:10 vanndigital

I completely understand your frustration!

Do you have a "security" plugin activate with an option enabled that changes the authentication/nonce/salt keys? These are the keys I am mentioning: https://api.wordpress.org/secret-key/1.1/salt/.

If you can find and disable that option, the error should no longer pop up.

Changing the keys is a useless "security" feature, and you can safely disable it and leave the keys as-is for an eternity. Below follows an explanation, which only scratches the surface.

Those salt keys are best kept a secret, but even if they leak out, it's not an issue. This is because developers must adhere to a strict security framework where those keys are only meant to prevent rainbow table (database) lookups. They're only one part of a giant puzzle.

Even when someone were to obtain or reverse-engineer the keys, it'll take them a few billion years to create the required nonces from the keys. Even if they are successful in that, they must still obtain your session tokens (cookies); I bid them good luck with that. Again, the keys are only there to prevent crackers from creating a database of results--which, again, will only be a part of the imposed security framework and that would still not allow them to hack your site.

I condemn "security" plugins making a living from creating bespoke fear on subjects not well understood.

sybrew avatar Oct 02 '19 10:10 sybrew

VaultPress is the closest thing to a security plugin I use...

vanndigital avatar Oct 03 '19 20:10 vanndigital