I run a local classified that runs on WordPress with the Classiera theme, due to user demand, I created a local language version of the site, to sync users between the native language and the English version so that it feels like they are on the same platform whenever they switch back and forth, I made the two sites share one database, cutting the long story short, all things work well for both i.e, user sync, plus the ability to automatically update the user roles and details whenever users do so.
That has been the case for the past 3yrs. And even now, jumping through the different platforms shows all is fine.
The problem I have is, an abrupt misbehaving was reported a few days back by one of the site's users that he wasn't able to log out from his account. Whenever he tries, it takes him to:
https://sitename.com/wp-login.phpaction=logout&redirect_to=https%3A%2F%2Fsitename.com&_wpnonce=5ae4ad7b7d
I suggested clearing browser data on his PC but in vain. I also suggested that he switches to the local language side so he can log out but still, the same would happen on the local language site.
So, I embarked on investigating the issue by trying the following:
deleted the .htaccess file and Saved changes in the site's general parmalinks settings,
Tried troubleshooting for incompatible plugins by renaming them via FTP,
Did the same for the theme,
added the following code;
// Redirect WordPress Logout to Home Page
add_action('wp_logout','auto_redirect_after_logout');
function auto_redirect_after_logout(){
wp_safe_redirect( home_url() );
exit;
};
to the theme's functions.php file. All haven't resolved the issue.
The logout brings you to:
https://sitename.com/wp-login.phpaction=logout&redirect_to=https%3A%2F%2Fsitename.com&_wpnonce=5ae4ad7b7d
If you type the site's url in the browser bar and reload, it still shows am signed in.
What might be the problem?
Tried troubleshooting with the four steps mentioned above but failed to rectify the issue.
Related
I have setup the AMP plugin in WordPress but while going to see the AMP pages (Appearence->AMP), I saw an error "Non-existent changeset UUID".
Also there is message in console says,
"Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://test.com') does not match the recipient window's origin ('https://test.ve.staging.wpengine.com')."
Please help me to resolved it out.
I've recently taken over administration of a website that has historically been ... poorly managed, and upon trying to use WordPress' built in theme customizer, I was greeted with the same message: "Non-existent changeset UUID.", although I didn't get any related messages in the console.
Apparently my issue was caused by the fact that one of the people who set up the site to begin with had decided to put the public site at www.example.com and the WordPress admin pages at example.com/__wp.
If this is your issue, you basically have two options.
Make sure to log in at both domains.
This may be a little difficult since WordPress' login page is part of the admin portion of the site and thus only logs you in to the admin portion of the site, however this proved to be a good temporary solution for me as there was a plugin installed which added a login widget on the public portion of the site.
Change the WordPress Address to be on the same domain as your Site Address.
The Option appears under Settings > General, but in my case I couldn't change the WordPress Address setting there and had to go into the WordPress database in our company's MySQL server.
After dealing with the above issues, I discovered that this issue had also caused a bunch of resources to be incorrectly loaded from example.com that should have been loading from www.example.com, as well as a number of leftovers from the site's development that were causing some resources not to load because the database thought they were at localhost.
With the help of another Stack Overflow answer I found a Database Search and Replace Script in PHP by interconnect/it (also available on GitHub) which allowed me to repair the mess previous people had made of the website without making a new mess with incorrectly serialized data, or all of the work of manually, correctly serializing the data I needed to change.
I recently moved my site built in Word Press to another hosting provider and I found the shortcode [woocommerce_my_account] is not working anymore.
Previously, I had a page called account login where I had the shortcode [woocommerce_my_account]. In the settings I set the landing page to be the same page (account login). so, after an user logged in, it was redirected to the same page showing his/her details.
However, in the new hosting provider this is no longer working. After I put the login information and attempt to login it is taking me to wp-login.php page and ask me to enter my login details again.
The URL path that I see in the browser after attempting to login is similar to this <site_name_url>/wp-login.php?redirect_to=http://<site_name_url>/account-login/
Anybody has got to the bottom of this issue? Thank you.
Try adding this to your wp-config.php:
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
Make sure you change http://example.com with your own domaine. You can also try to search and replace your domaine in the database if it has changed.
You can also try to clear browser cache and cookies. I had an issue like this before, launched a private navigation and it was working fine.
Try setting define(‘WP_DEBUG’, true);, you may see something going on.
Sometimes, php version makes a difference, try to set the same php version on you new host (google the name of your hosting provider + change php version).
When you move sites/restore databases you often need to save the permalinks again.
go to /wp-admin/options-permalink.php and click "save". This will setup your .htaccess file with the correct information for redirects.
Finally, after all of these days searching and trying different things, the answer for this issue in my case was not related with the Word Press installation itself but, with some software installed on the server called varnish, apparently used to cache the site and improve its performance.
After having a support chat with the hosting provider, they mentioned that varnish is breaking the woocommerce plugin.
At this point, I am not sure if varnish is not compatible with woocommerce or the settings applied on the server using this software make woocommerce not to work properly.
I’m working on a wordpress site, it’s almost finished.
Left it lying on the server for a few weeks after the launch to gather user feedback, and now ready to make some minute adjustments.
Loe and behold, can’t login.
Going to parentsauxassembleesgenerales.org/wp-admin won’t show me the admin page, but will instead redirect.
Sure enough, I had an automatic update to 3.8.2 on April 9 that seems to coincide with the admin access being gone.
Contrary to most redirect errors for login pages after an automatic update on forums, the exact url it redirects to is not actually a valid url.
You see others reporting the url they are redirected to as being:
http://www.domain.org/wp-login.php/?redirect_to=http%3A%2F%2Fwww.domain.org%2Fwp-admin%2F&reauth=1
But mine displays: http://www.parentsauxassembleesgenerales.org-login.php/?redirect_to=http%3A%2F%2Fwww.parentsauxassembleesgenerales.org%2Fwp-admin%2F&reauth=1
And is therefore missing three characters: “/wp” to be identical to the other bugs I saw reported. Needless to say, I still tried all the fixes recommended elsewhere, namely:
(using FTP, Softaculous, dowload of WP 3.8.1 and 3.8.2 from wordpress.org, and PHPmyAdmin)
1- deactivating, renaming, removing plugins, theme, both plugins and theme
2- adding lines of code to wp-config
3- looking at the database to make sure the site url and home url were the right ones and the same
4- updating key files like wp-login.php with a fresh version straight out of a vanilla install.
5- moving the content and wp-config to a fresh install (only recreated the problem).
I’m sort of confused at Softaculous (wp install script in cPanel) for asking if you want automatic updates, but still enabling the small automatic updates (3.8.1 to 3.8.2 or 3.8.3) even if you don’t check the box for automatic updates. I don’t, and never will, want automatic updates on my wordpress: too many plugins and themes have a lag to the wordpress core deployment schedule. (I now know I can just add a line to wp-config.php, but the Softaculous interface could be clearer about the automatic update deal).
Am now in contact with the hosting service to look at solutions such as emptying webcache, restoring from their own weekly backups, their own diagnosis of the faulty redirect route, etc.
I’m looking for a solution that will do one of the following:
help me know what causes the redirect error so I can target the problem-solving
help me regain access to wp-admin login and the dashboard
I found the issue.
Despite deactivating the plugins, one of the plugins had caused a problem in the DB which remained even when deactivated, removed or renamed. Had to clean up the relevant redirects in the DB with PhpMyAdmin.
The plugin was Velvet Blues Update URLs, which was recommended for a very small move I was doing (moving the dev version of the site up one folder on the server file system).
I hadn't used this plugin before, but it seemed straightforward enough.
Not.
I usually migrate sites using UpDraftPlus with the pro addon for migration, which works fairly well, but felt longer than it needed to be for a one-folder-up move.
Not.
The search and replace feature on UpDraftPlus that covers both for file/folder locations and for urls is without compare, and even for what it was supposed to do, Velvet Blues Update URLs didn't deliver on its promise.
I am having some problems with Wordpress 3.7. I think they may be related and have something to do with a file ownership/rights issue but I am completely stuck.
I am using the default theme and I have uploaded a new header image
several times through the WP admin interface. Now that I am happy
with the image, I want to delete the old images. Firebug tells me
they are in [my wp root]/wp-content/uploads/2014/01. However, in my
FTP client, this directory is not visible. I only see [my wp
root]/wp-content/uploads/2013
.
When I log into the Wordpress admin interface, it tells me I should upgrade to 3.8. When I tell it to go ahead and give it my FTP credentials, it begins but gets stuck at "Verifying the unpacked files…". I get no error messages and when I give up and leave the page, there are no reports about a failed update. It just keeps showing me the "please update" message.
I am using the default theme and want to change style.css. I cannot do this in the theme editor, it tells me I have to make the file writable first, even after I give all the theme files 777 access in my FTP client (which probably is not a good idea). If I edit the file offline instead and then upload it via FTP, this doesn't have any effect. I can even delete the entire file and still nothing changes at the frontend.
I have tried to create a child theme through the FTP client but it does not show up in the WP backend.
The site is on a shared hosting platform. I can't find the details at the moment but it's a fairly regular setup (Linux, Apache, MySQL). I am testing in Firefox and caching is turned off. If I log out, and log back in again: same problems.
It is almost as if I am FTP-ing the wrong computer but I am really not. What am I missing?
Problem solved. I finally asked my hosting provider and as it turns out they had adjusted a few settings, making them too restrictive.
I have a wordpress site which is acting strange lately. It seems like the database is spontaneously rolling back a few hours from time to time. I have noticed it happen at least four times.
When I updated to wordpress 3.5, after a short time, maybe 30-60 minutes I noticed the nag to upgrade was back. I ran the upgrade a second time, even though I was certain that I had already upgraded.
I added a new category and changed a widget on one of my sidebars, only to find that my changes were gone the next day and I had to redo them.
I added a post yesterday, linked to it in various places and then returned several hours later to find the post missing. I rewrote the post from memory and put it back on the site.
This morning when I went to the site, the original post was back and the one that I had recreated from memory was gone. The post's id number was the same as the previous day. I think there was also a draft post that disappeared and reappeared as well.
One last clue which may or may not be related is that when I go to a page on the blog that should generate a 404 message I get a single piece of text which says: "defaced by t3ll0" I noticed this recently, within the last few weeks. I'm not sure how long it has been like that.
I ran Sucuri Scanner, and it found no evidence of malware. Any suggestions of how to troubleshoot this? Could this be a problem with my database rather than wordpress?
UPDATE: It appears that the primary problem I was noticing was because of two versions of the site being up simultaneously. The DNS settings had not been updated to the new site. I'm still investigating if the site was hacked.
You got hacked. "defaced by t3ll0" is the clue. Someone has control of your site and your hosting account.
Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.
Change all passwords. Scan your own PC for spyware that may have grabbed your login and password.
http://sitecheck.sucuri.net/ is a good resource, but it scans for malware and not accounts that were hacked and are not being used to distribute malware or have spam links.
Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting
You have not applied security may be at number of places.
1. File permissions, folder permissions.
2. Upload folder permissions.
3. Execute permissions.
Now, if you are not a developer how would you check for these vulnerabilities?
I am suggesting you to take a backup of your DB(Export it). Get rid of the existing WP core and reinstall it from fresh.
Delete all plugins and install them all from fresh sources.
If you have used a custom theme then get the backed up version of it and delete the current one as there is a deface to it.
And you can check for a lot of vulnerabilities with plugins like this: http://wordpress.org/extend/plugins/better-wp-security/
Rename your administrator account. Harden your password. Remove write permission from .htaccess and wp-config.php file.