What could be causing forced SSL on WordPress Login page? (ERR_SSL_UNRECOGNIZED_NAME_ALERT) - wordpress

I'm working on a site that is share hosted at ipower(dot)com. I went to login via Wordpress. But after I entered my login credentials, I got forwarded to an https login page with the error: ERR_SSL_UNRECOGNIZED_NAME_ALERT
The url I start with is http://chpconsultants.com/wp-admin or /wp-login.php. Every time I enter my login credentials and then press the login button, I get routed to https version of those links.
After I've tried to login, if I go to the front end of the site, I can see the admin toolbar across the top of the page, but if I click on anything in the toolbar, I again get routed to an https page with the ERR_SSL_UNRECOGNIZED_NAME_ALERT error.
This is a wordpress site, v. 4.8.2. PHP version 5.6.30. It's using a basic version of Sitelock, so a firewall/CDN. I don't have, and can't get, SSH access.
Here's what I've done to try and fix it so far:
1) Going into the mysql db into wp_options and checking that the urls in both the siteurl and home are using http and not https
2) Deactivating all my plugins to ensure no conflict
3) Cleaning out my .htaccess file and re-setting it with the default wordpress .htaccess
4) Adding this to my .htaccess file:
RewriteCond %{HTTPS} on
RewriteRule ^ http://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
5) Adding this to my wpconfig file:
define('WP_HOME','http://chpconsultants.com');
define('WP_SITEURL','http://chpconsultants.com');
6) adding this to my wpconfig file:
define('FORCE_SSL_ADMIN', false);
7) adding this to functions.php:
update_option( 'siteurl', 'http://chpconsultants.com');
update_option( 'home', 'http://chpconsultants.com' );
8) Clearing the wordpress cache numerous times throughout the above steps
9) Purging the SiteLock cache numerous times throughout this process
10) Creating a new wp user through the database and trying to login with that. I got the same https results
11) Contacting Sitelock to ask if there was anything in the firewall that might be forcing SSL. I spoke with a great tech support person there, who also happened to be highly experienced with wordpress. He actually took a look at the site himself and replicated the issue. He also looked at several things including all of the above steps I did and verified he saw nothing in the site that could be causing this problem.
If you've read this far, thanks for looking! Please forgive any formatting clumsiness. I'm still a newb on posting here.
Given all of the above, does anyone have any good idea of what else I might try? Or what might be causing this?
Thanks,
Mieren

I am on Bluehost Plus and had this error on one of my sub domains which had worked before. I had attempted to enable their free Beta CDN in addition to the existing SSL which triggered this issue on one of the sub domains but not another that I did the same to.
Support told me SSL and their CDN were not compatible together - the CDN install on the performance tab of the bluehost wordpress control panel is still hanging 3 days later with the spinning wheel saying "We're setting up your CDN. For now, feel free to start exploring WordPress or jump into building your website." Occasionally an 'unhandled exception' banner error shows up.
The first support agent said he would try to disable the CDN, which could take 14 hrs to propagate, which made no difference.
The 2nd support agent seemed confident of a fix by changing the A records and said it may take 4 hrs to propagate. This fixed it for me and I can now access all subdomains on SSL. The Performance tab is still hanging and creating errors though.

I ran into this exact same issue after upgrading from Basic Hosting to Plus Hosting on Bluehost and importing a new domain. I used the Free SSL from the Wordpress Tools, and was getting the above error on my HTTPS version (although HTTP was fine).
I had to open three tickets within 24 hours with their support, finally on the third time it was resolved.
The first two support people said it was an issue with SiteLock not working with SSL, so Sitelock would need to be disabled. After waiting the 4-8 hours they said it would take, there was no change.
The second go around was the same, except after waiting a little, my site instead gave the "ERR_CERT_COMMON_NAME_INVALID" error. After clicking the "Proceed Anyway" button, my site actually redirected to a random, completely different site I didn't own. Less than ideal...
The third support tech said the SSL cert needed to be uninstalled and reapplied, again with a 4-8 hour window. However, the site began working minutes after he said the changes were pending - so not really sure what's going on over at Bluehost. I get the feeling many of the Level 1 Support Techs don't have much technical expertise.

I had the same issue and contacted help. They changed the IP address and it started working right away. This was my case ID 00D36qEW6._50036dOPVh
Hope this helps someone

Related

WordPress site impacted with redirect injection

I have a website that is running on an AWS server using the Bitnami Nginx and WordPress image.
https://www.athleticclubhk.com/
Recently it got all our ads on Google stopped due to malicious content. Oddly this time, it's trickier than your standard malware of infected files. When visiting the site incognito, the first and only the first link click gets redirected using the following code:
window.location.replace("https://cartoonmines.com/scount");window.location.href = "https://cartoonmines.com/scount";
This is being injected on any link; however, upon investigating the loaded code on inspect, it's not injecting it into the page.
I've tried to hunt down the theme, plugins, core files and found nothing!
I replaced and reinstalled WordPress core files, deactivated all plugins and even swapped the theme - the problem is still there. I can't find any hidden .htaccess file in the entire root directory.
I even used GREP to try to look for anything fishy (any clues here that someone can help with?) nothing so far.
The site is still impacted with this so you can easily load the link ~ I do use Malwarebytes to keep myself protected, in case you are opening this directly.
Can anyone help?

The redirection code is implanted in /wp-includes/js/wp-emoji-release.min.js.
How to confirm:
1) Watch the cookies when clicking an internal page: a new cookie is being set for tracking first clicks, named ht_rr.
2) Save the complete webpage locally and try to load it, then check in Chrome dev tools: you'll see that the Console tab complains about this JavaScript file attempting to set the aforementioned cookie.
While a temporary resolution of deleting the file will fix things for some time...
There's no excuse for not setting up a proper server stack. Bitnami or other "great stacks" won't cut it security-wise. They exist for "fast", but no "quality" setup, and of course, it's never going to be secure.
The file got created somehow / had write privileges. This indicates a problem with the setup most of the time. Unless you're using some nulled plugins or plugins from bad sources.
Once again, since the website was essentially "pwned", deleting the Javascript file does not mean complete disinfection. To preserve things in a secure state, I would recommend setting things on a clean server environment with strict PHP-FPM permissions aka "lockdown" chmod, and look for write errors to look for infected PHP files.
Check out some guides on the matter of secure NGINX/PHP-FPM setup:
NGINX and PHP-FPM. What my permissions should be?
Best practice secure NGINX configuration for WordPress
NGINX Security Headers, the right way
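
The answer above traces the redirect to a modified core file, /wp-includes/js/wp-emoji-release.min.js. As an added example (not part of the original answers), this Python script hashes the core directories of a live site against a pristine copy of the same WordPress release and lists modified, missing and unexpected files. The trees built in demo() and their contents are constructed.

```python
import hashlib
import os
import tempfile

CORE_DIRS = ("wp-admin", "wp-includes")  # directories that ship with WordPress core


def file_sha256(path):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map relative path -> SHA-256 for every file under the core directories."""
    manifest = {}
    for core_dir in CORE_DIRS:
        for dirpath, _dirs, files in os.walk(os.path.join(root, core_dir)):
            for name in files:
                full = os.path.join(dirpath, name)
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                manifest[rel] = file_sha256(full)
    return manifest


def compare_trees(clean_root, live_root):
    """Return (modified, missing, unexpected) lists of relative paths, each sorted."""
    clean, live = build_manifest(clean_root), build_manifest(live_root)
    modified = sorted(p for p in clean if p in live and clean[p] != live[p])
    missing = sorted(p for p in clean if p not in live)
    unexpected = sorted(p for p in live if p not in clean)
    return modified, missing, unexpected


def demo():
    """Constructed sample: a clean tree and a live tree with one altered and one extra file."""
    def write(root, rel, data):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as live:
        for root in (clean, live):
            write(root, "wp-includes/js/wp-emoji-release.min.js", b"/* emoji */")
            write(root, "wp-admin/index.php", b"<?php // admin")
        # Constructed tampering: appended bytes and an extra file in a core directory.
        write(live, "wp-includes/js/wp-emoji-release.min.js", b"/* emoji */;/* appended */")
        write(live, "wp-includes/extra.php", b"<?php // not part of core")
        return compare_trees(clean, live)


if __name__ == "__main__":
    for label, paths in zip(("modified", "missing", "unexpected"), demo()):
        print(label, paths)
```

Use a freshly unpacked archive of the same WordPress release as clean_root. Unlike a grep for suspicious strings, the hash comparison also catches changes hidden inside minified files.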

Just had the same problem and it was Zend Font Plugin, the same that some people mentioned before.
Installed Wordfence and this came out. Deleted the plugin and now the site is working perfectly.

Disable plugins and check again.
Change the database username and password.
Ask the hosting manager to check the host.

Connection_time_out error when trying to access my wordpress site - tried all solutions

I have a website that is hosted with gandi, the website was only showing initially for the wordpress admin and anyone who was not an admin could not see the website. After I tried somewhat haphazardly to find solutions, the website got completely disabled with a connection_timed_out error and I don't know if this was due to my actions. I remember disabling and enabling DNS records, disabling and enabling DNSSEC, deleting my HTTPS free SSL certificate and requesting another. I've reuploaded a version of the website that is from a week before the problem occurred using FTP a couple of days ago but the problem still persists. I now only have access through FTP and have deactivated all the plugins, renamed all the theme folders so Wordpress defaults to the original theme. I've increased the memory limit on wp-config.php file by adding 'define( 'WP_MEMORY_LIMIT', '64M' );' at the end, set the debug mode to true in that same file and I've also added 'php_value max_execution_time 60' in .htaccess file but to no avail the website continues to give the connection timed out error.
I also bought the domain as deeraadesign.com, I remember the website completely crashing after I changed the site url on wordpress to deeraadesign.com from www.deeraadesign.com and I'm thinking that may have thrown off wordpress and now it is redirecting back and forth to a domain that is not the wordpress website? Maybe DNSSEC destroyed the domain? Maybe I have too many themes on the website even though I have tried to deactivate them? I just don't know and all the solutions online are saying the same things that I have already tried and not telling me anything new.
I mean, I have around 5 websites on gandi but it can't be the memory limit either as my hosting company says I only have 7GB/20GB and it also says my website is published and accessible?? so the problem is on Wordpress's end? Any help would be very much appreciated...
Thank you,
Hameed

Try this
add
php_value max_execution_time 300
in .htaccess file
Hope it will work

cPanel - send 404 to a php page?

I have an issue in a WordPress site on Hostgator where the htaccess file keeps disappearing. Before you get all, "Check your plugins, dummy" I have the same install of this site running on a completely separate Hostgator account and it's running fine. Furthermore, I have a local instance which, again, is running fine. So if it was a plugin, the issue would be replicated on the other instances, but it's not.
My suspicion is someone who has access to the hosting account is tampering with it. While that sounds paranoid, I can't rule anything out because htaccess files don't just delete themselves.
The bandaid fix has been to just reset permalinks once the site goes down. Annoying, but simple. What might be even neater would be to set my server 404 page to a php script that, when accessed, hits an endpoint I set up in WordPress to programmatically flush the rewrite rules, thus restoring the htaccess page, and then the 404 tries to forward them on again. However, the suggestions on how to do this say putting the error page definitions in the htaccess page. Which doesn't do me much good if the htaccess page is being deleted.
How stupid is this idea? Please let me know in comments.
I'm open to other solutions, but I'm waiting on my hosting support to figure out how the file is being deleted because I suspect others with the account info of tampering.

Posts disappearing and reappearing on wordpress

I have a wordpress site which is acting strange lately. It seems like the database is spontaneously rolling back a few hours from time to time. I have noticed it happen at least four times.
When I updated to wordpress 3.5, after a short time, maybe 30-60 minutes I noticed the nag to upgrade was back. I ran the upgrade a second time, even though I was certain that I had already upgraded.
I added a new category and changed a widget on one of my sidebars, only to find that my changes were gone the next day and I had to redo them.
I added a post yesterday, linked to it in various places and then returned several hours later to find the post missing. I rewrote the post from memory and put it back on the site.
This morning when I went to the site, the original post was back and the one that I had recreated from memory was gone. The post's id number was the same as the previous day. I think there was also a draft post that disappeared and reappeared as well.
One last clue which may or may not be related is that when I go to a page on the blog that should generate a 404 message, I get a single piece of text which says: "defaced by t3ll0". I noticed this recently, within the last few weeks. I'm not sure how long it has been like that.
I ran Sucuri Scanner, and it found no evidence of malware. Any suggestions of how to troubleshoot this? Could this be a problem with my database rather than wordpress?
UPDATE: It appears that the primary problem I was noticing was because of two versions of the site being up simultaneously. The DNS settings had not been updated to the new site. I'm still investigating if the site was hacked.

You got hacked. "defaced by t3ll0" is the clue. Someone has control of your site and your hosting account.
Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.
Change all passwords. Scan your own PC for spyware that may have grabbed your login and password.
http://sitecheck.sucuri.net/ is a good resource, but it scans for malware and not accounts that were hacked and are not being used to distribute malware or have spam links.
Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting

You may not have applied security in a number of places.
1. File permissions, folder permissions.
2. Upload folder permissions.
3. Execute permissions.
Now, if you are not a developer how would you check for these vulnerabilities?
I suggest you take a backup of your DB (export it). Get rid of the existing WP core and reinstall it fresh.
Delete all plugins and install them all from fresh sources.
If you have used a custom theme then get the backed up version of it and delete the current one as there is a deface to it.
And you can check for a lot of vulnerabilities with plugins like this: http://wordpress.org/extend/plugins/better-wp-security/
Rename your administrator account. Harden your password. Remove write permission from .htaccess and wp-config.php file.
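
The permission checks listed in the answers above (file and folder permissions, the upload folder, execute permissions, write permission on .htaccess and wp-config.php), as an added Python example that is not part of the original answers. The script-extension list and the sample tree in demo() are assumptions made for illustration.

```python
import os
import stat
import tempfile

SENSITIVE = {".htaccess", "wp-config.php"}  # the answer: remove write permission from these
UPLOADS = "wp-content/uploads/"             # default WordPress upload location
SCRIPT_EXT = (".php", ".phtml", ".phar")    # assumption: extensions the server may execute


def audit_permissions(wp_root):
    """Return sorted (relative path, finding) pairs for files and folders under wp_root."""
    findings = []
    for dirpath, dirs, files in os.walk(wp_root):
        for name in dirs + files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # link mode bits say nothing about the target
            rel = os.path.relpath(full, wp_root).replace(os.sep, "/")
            mode = stat.S_IMODE(os.lstat(full).st_mode)
            is_file = name in files
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if is_file and name in SENSITIVE and mode & 0o222:
                findings.append((rel, "sensitive file is writable"))
            if is_file and mode & 0o111:
                findings.append((rel, "file has execute bit"))
            if is_file and rel.startswith(UPLOADS) and name.lower().endswith(SCRIPT_EXT):
                findings.append((rel, "script in upload folder"))
    return sorted(findings)


def demo():
    """Constructed tree: (relative path, mode) pairs chosen to trigger each finding once."""
    sample = [
        ("index.php", 0o644),
        (".htaccess", 0o444),
        ("wp-config.php", 0o644),
        ("wp-content/themes/t/functions.php", 0o755),
        ("wp-content/uploads/2017/logo.png", 0o666),
        ("wp-content/uploads/2017/x.php", 0o644),
    ]
    with tempfile.TemporaryDirectory() as root:
        for rel, mode in sample:
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(b"constructed sample\n")
            os.chmod(path, mode)
        for dirpath, _dirs, _files in os.walk(root):
            os.chmod(dirpath, 0o755)  # fixed folder mode so the result ignores the umask
        return audit_permissions(root)


if __name__ == "__main__":
    for rel, finding in demo():
        print(f"{finding:28} {rel}")
```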

WP Admin extremely slow

The WP back end of a site I'm working on (It's a multisite) takes about 25 seconds to load.
Everything was working fine until yesterday and the front end still works perfectly well. All other sites on the same server run just as well, so it MUST be a WP back end issue.
I don't remember exactly what change it was that made it so slow. I remember updating WP recently (to version 3.4.2), adding some plugins on one of the sites and changing the max upload file size.
I tried to disable all the plugins, changing the themes back to default, changing the max file size back, and adding define('WP_MEMORY_LIMIT', '1024M'); (and other values) to WP-config but none of it helped.
Also tried to 'Update network', but I got an error - couldn't connect to host.
Any ideas?

I got in touch with our network admin and we resolved the issue.
I will copy his answer here. Hope it helps someone.
Does Wordpress use 'self-referential URLs'? What I mean by this is...
is wordpress trying to access its own templates/css using fully
qualified domain names in the URL (e.g. http://example.co.uk/someurl )
Because we use Network Address Translation (NAT) on our firewalls to
hide the real IP address of the server, it has the side effect that if
the server tries to access its own URLs, it will try to send the
traffic to the external interface on our firewall, which is where the
DNS resolves to.
The fix for this is very simple - we just add the site url into the
/etc/hosts file so that the server knows to use its own IP address
instead of the address on the firewall.
So he added our address to the hosts file and now it works perfectly.
Awesome.

I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout.
If you're still unable to identify the cause I'd recommend a catch-all solution of installing xdebug and profiling the page with webgrind, xcachegrind, etc

Had the same problem for a week and now the problem of very slow WP-admin was solved!
Before, I cannot access my sites if I use incognito or I am not logged in as WP user, but all times in the wp-admin, it takes me 40 seconds- minute or even never.
Solution that worked:
I accessed the files in the file manager using the CPanel, and I saw so many unused and unnecessary folders and themes and that's the reason that causes the very slow access to admin.
It was because during the days of being a newbie, I stuffed a lot of files in the Public Http and that made it congested.
I logged in to another CPanel account that I bought personally before, and compared the folders of the "proper" versus the "congested" and compress, backed-up and deleted all the unnecessary.
My host: Hostgator, responded well also.
Hope this would help others.

I also had a very slow Dashboard in wordpress. Reading James C's answer, I realized that my site is located in a corporate intranet behind a firewall to access internet.
James C answered:
"I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout."
My solution was to avoid all the internet connections: (1) disable all the wordpress updates using the wordpress plugin "Disable all wordpress updates". (2) activate the wordpress plugin "Disable google fonts"
After these two plugin activations, the Dashboard works to a suitable speed.
