Wordpress Dashboard broken, displays “flashbacks” of comments/plugins/updates - wordpress

I’m using the latest version of Wordpress (4.7.4).
I have something very weird going on in my Dashboard. Not sure when this started.
Can’t say for sure it started with the latest version of Wordpress or not.
My Dashboard became completely useless.
It’s like it’s showing me a flashback of a Dashboard from a few days or hours ago:
Comments I’ve deleted in the Dashboard (hitting “trash”) are suddenly back there, awaiting my moderation.
Plugins I’ve deactivated or even deleted are all back there and according to Dashboard still running (while in my FTP folder they’re certainly gone).
The plugin page cannot be trusted anymore as it shows some plugins are activated that aren’t and vice versa. I have to check on my actual website to confirm which ones are running.
Updates aren’t shown correctly. Once I’ve updated a plugin, a few minutes later it shows me again that there’s a new update.
As you can tell it’s all pretty much the same phenomenon.
It’s as if I’m seeing an older version of my Dashboard.
Not sure what else is broken.
The only other thing I noticed is that even on my actual blog I still see a comment. Blog post says “1 comment”, but the actual comment doesn’t show up.
At first, this all sounds like a “cache problem”.
But I’ve already turned off all caching:
No caching plugin installed
Turned off server caching via htaccess
Disabled leverage browser caching
Emptied my own browser cache
Other things I tested:
Turn off all plugins.
Switch to the standard Wordpress theme “Twenty Twelve”
I tried WP_DEBUG, but nothing related shows up.
I researched the internet, but nobody has described a similar problem, so I suppose this is not a common Wordpress issue.
The issue remains.
Unfortunately I’m not a developer and don’t know too much about the Wordpress codex etc.
But to me it sounds that the mistake is definitely not in the plugin or theme folder.
The problem is that I’ve reached the point where I really cannot turn off plugins via Dashboard properly anymore. It’s so annyoing!
My questions are:
Is it safe to assume that this is related to the Wordpress core
files?
What files exactly are in “charge of” the Dashboard?
Should I just try to re-download the newest Wordpress version and replace a few files (if so which ones)?
Should I do a clean Wordpress re-install or would that be too drastic?
Any other suggestions?
EDIT:
Additionally I tried now:
I manually downloaded the newest version of Wordpress and did just as
described on the Wordpress.org website. I manually replaced wp-admin,
wp-include folders and all root files. The issue remains...
The way my Dashboard is right now, I really can’t use it.
Please advice!

I contacted my host service again.
They just gave me the same line to insert into my .htaccess file and I told them I already tried it and it didn't work.
I then showed them my .htaccess file and they deleted the whole part that concerned their server caching.
Now server caching is completely off and everything works again.
Still not sure why this previously never caused issues.
In the end, it had nothing to do with Wordpress.
I hope this answer will help people who run into similar problems.

Related

Wordpress - Theme stuck at loading after migration

I have been recently tasked to migrate a Wordpress page to another hosting services. Task, which should be quite easy, took me last 2 days and I still can't figure out what is wrong. After migrating (tried it with Duplicator plugin, manual copying and changing links in database) pages won't load. I managed to get into backend and after changing theme to any default Wordpress theme (twentysixteen, twentyseveteen etc.) site works fine but when I try use designated theme (Proxima, https://themeforest.net/item/proxima-responsive-business-multipurpose-theme/8094780) it just won't load. Page is trying to load but in the end it shows 503 error. Same thing if I want to see the preview of theme in backend, loading animation appears and nothing happened. I tried a lot of things to fix it: changing file permissions, disabling plugins, updating Wordpress, downgrading Wordpress, changing php version, changing MySQL version and nothing works. My theme support has expired and before I renew it I just wanted to ask if anyone had that problem before. Maybe there is super easy fix and I just don't see it.
Thanks in advance for any help
Problem solved with hosting support. Bad media path was the problem.

Wordpress admin cannot publish posts

I have Wordpress installed on my local wamp platform. I used it for a while without any problem. However today without any unusual change I am not able to publish any pages/posts anymore.
I am the only user in wordpress with admin rights.
I thought it might be corrupted, so I installed a fresh Wordpress instance. Did not change anything, no plugins, just went directly to posts to publish, but it is not in the dropdown list, I can select only 'Pending Review' and 'Draft'.
To be even more strange, same time this happened in my live site as well. I am on a shared hosting environment, so totally different space from my localhost. (Though code was copied from localhost to production.)
Has anybody experienced similar in the past?
Please take look into settings - general and check your timezone!
It should be something like UTC+0, NOT e.g. Berlin, Zagreb, etc.
I had the same issue after hours of debugging and at least, I changed the timezone to UTC+0 and it worked.
It's definitly time related. I have the same issue after messing with my php.ini's and timezome's. Also I installed NTPd and changed the hardware clock.

Can't access Wordpress admin login page (redirect error)

I’m working on a wordpress site, it’s almost finished.
Left it lying on the server for a few weeks after the launch to gather user feedback, and now ready to make some minute adjustments.
Loe and behold, can’t login.
Going to parentsauxassembleesgenerales.org/wp-admin won’t show me the admin page, but will instead redirect.
Sure enough, I had an automatic update to 3.8.2 on April 9 that seems to coincide with the admin access being gone.
Contrary to most redirect errors for login pages after an automatic update on forums, the exact url it redirects to is not actually a valid url.
You see others reporting the url they are redirected to as being:
http://www.domain.org/wp-login.php/?redirect_to=http%3A%2F%2Fwww.domain.org%2Fwp-admin%2F&reauth=1
But mine displays: http://www.parentsauxassembleesgenerales.org-login.php/?redirect_to=http%3A%2F%2Fwww.parentsauxassembleesgenerales.org%2Fwp-admin%2F&reauth=1
And is therefore missing three characters: “/wp” to be identical to the other bugs I saw reported. Needless to say, I still tried all the fixes recommended elsewhere, namely:
(using FTP, Softaculous, dowload of WP 3.8.1 and 3.8.2 from wordpress.org, and PHPmyAdmin)
1- deactivating, renaming, removing plugins, theme, both plugins and theme
2- adding lines of code to wp-config
3- looking at the database to make sure the site url and home url were the right ones and the same
4- updating key files like wp-login.php with a fresh version straight out of a vanilla install.
5- moving the content and wp-config to a fresh install (only recreated the problem).
I’m sort of confused at Softaculous (wp install script in cPanel) for asking if you want automatic updates, but still enabling the small automatic updates (3.8.1 to 3.8.2 or 3.8.3) even if you don’t check the box for automatic updates. I don’t, and never will, want automatic updates on my wordpress: too many plugins and themes have a lag to the wordpress core deployment schedule. (I now know I can just add a line to wp-config.php, but the Softaculous interface could be clearer about the automatic update deal).
Am now in contact with the hosting service to look at solutions such as emptying webcache, restoring from their own weekly backups, their own diagnosis of the faulty redirect route, etc.
I’m looking for a solution that will do one of the following:
help me know what causes the redirect error so I can target the problem-solving
help me regain access to wp-admin login and the dashboard
I found the issue.
Despite deactivating the plugins, one of the plugins had caused a problem in the DB which remained even when deactivated, removed or renamed. Had to clean up the relevant redirects in the DB with PhpMyAdmin.
The plugin was Velvet Blues Update URLs, which was recommended for a very small move I was doing (moving the dev version of the site up one folder on the server file system).
I hadn't used this plugin before, but it seemed straightforward enough.
Not.
I usually migrate sites using UpDraftPlus with the pro addon for migration, which works fairly well, but felt longer than it needed to be for a one-folder-up move.
Not.
The search and replace feature on UpDraftPlus that covers both for file/folder locations and for urls is without compare, and even for what it was supposed to do, Velvet Blues Update URLs didn't deliver on its promise.

Posts disappearing and reappearing on wordpress

I have a wordpress site which is acting strange lately. It seems like the database is spontaneously rolling back a few hours from time to time. I have noticed it happen at least four times.
When I updated to wordpress 3.5, after a short time, maybe 30-60 minutes I noticed the nag to upgrade was back. I ran the upgrade a second time, even though I was certain that I had already upgraded.
I added a new category and changed a widget on one of my sidebars, only to find that my changes were gone the next day and I had to redo them.
I added a post yesterday, linked to it in various places and then returned several hours later to find the post missing. I rewrote the post from memory and put it back on the site.
This morning when I went to the site, the original post was back and the one that I had recreated from memory was gone. The post's id number was the same as the previous day. I think there was also a draft post that disappeared and reappeared as well.
One last clue which may or may not be related is that when I go to a page on the blog that should generate a 404 message I get a single piece of text which says: "defaced by t3ll0" I noticed this recently, within the last few weeks. I'm not sure how long it has been like that.
I ran Sucuri Scanner, and it found no evidence of malware. Any suggestions of how to troubleshoot this? Could this be a problem with my database rather than wordpress?
UPDATE: It appears that the primary problem I was noticing was because of two versions of the site being up simultaneously. The DNS settings had not been updated to the new site. I'm still investigating if the site was hacked.
You got hacked. "defaced by t3ll0" is the clue. Someone has control of your site and your hosting account.
Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.
Change all passwords. Scan your own PC for spyware that may have grabbed your login and password.
http://sitecheck.sucuri.net/ is a good resource, but it scans for malware and not accounts that were hacked and are not being used to distribute malware or have spam links.
Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting
You have not applied security may be at number of places.
1. File permissions, folder permissions.
2. Upload folder permissions.
3. Execute permissions.
Now, if you are not a developer how would you check for these vulnerabilities?
I am suggesting you to take a backup of your DB(Export it). Get rid of the existing WP core and reinstall it from fresh.
Delete all plugins and install them all from fresh sources.
If you have used a custom theme then get the backed up version of it and delete the current one as there is a deface to it.
And you can check for a lot of vulnerabilities with plugins like this: http://wordpress.org/extend/plugins/better-wp-security/
Rename your administrator account. Harden your password. Remove write permission from .htaccess and wp-config.php file.

Meta Description Shows Spam

I have website (thebyandby.com) that got hacked several weeks ago. The problem is, the description on Google is showing a spam description for viagra and one the most popular posts (when linked to from Google) goes to a spam website.
The site is a WordPress website so I reinstalled the theme and made sure everything was updated. There are only two plugins installed, Akismet and Google Analytics. I don't think the plugins could be effected but I am not sure. The problem was still there so I checked when Google last indexed my site and it was after I had reinstalled my theme. I checked for malware from Google Webmaster and it said it didn't find any malware. I ran grep -r "viagra" on my entire web directory and nothing was found. I really don't know what else to do. Could this be a database problem?
Yes, it could well be that you have content in the database which is compromised. After all, that's where all the pages and posts are stored. Does your hosting company provide a tool like phpMyAdmin for browsing and editing the database?
But equally, if you have only reinstalled the theme then there are a lot more core WordPress files that could have been compromised by the hacker. Given that you are having problems, it would be well worth doing a complete reinstall of the WordPress files. Just make sure you keep a copy of your wp-config file, as you will need to copy that back. Also make sure you reinstall the same version of WordPress that you currently have.
But you know what: It may save you time in the long-run to just export all your posts and pages from within WordPress and then wipe the hacked site completely and install the whole thing from scratch. You can open the export file in any decent editor and once you've got your head around the XML structure, you can delete any rubbish that the hacker put there. I guess this option depends on how much content you had already put up on the site and how readily you could reconfigure the new site to match the old one.
Of-course if you have a full files and database backup from before the hacker got there, then you have an easy option that avoids all this grief ;-)

Resources