I have Wordpress installed on my local wamp platform. I used it for a while without any problem. However today without any unusual change I am not able to publish any pages/posts anymore.
I am the only user in wordpress with admin rights.
I thought it might be corrupted, so I installed a fresh Wordpress instance. Did not change anything, no plugins, just went directly to posts to publish, but it is not in the dropdown list, I can select only 'Pending Review' and 'Draft'.
To be even more strange, same time this happened in my live site as well. I am on a shared hosting environment, so totally different space from my localhost. (Though code was copied from localhost to production.)
Has anybody experienced similar in the past?
Please take look into settings - general and check your timezone!
It should be something like UTC+0, NOT e.g. Berlin, Zagreb, etc.
I had the same issue after hours of debugging and at least, I changed the timezone to UTC+0 and it worked.
It's definitly time related. I have the same issue after messing with my php.ini's and timezome's. Also I installed NTPd and changed the hardware clock.
Related
I have a real problem on my cpanel I do not understand all my sites and my applications have not worked since this morning, try to restore without success I have tried everything, I am afraid to watch help me.
when I check the files of my site and application there are unknown files that create themselves all the time even when I delete completely when I update it comes back alone and it affects the operation of my site and application
I don't know if I was really hacked, or if it's an extension problem, or it's a quota or php problem but nothing's going well here are some images of the unknown folders, I've already written to support they say they will delete the hosting and create a new one when I can't afford it right now
According to your screenshot, you have really messed up your WordPress Core. Firstly, fix your .htaccess and 'delete the folders'. Additionally, you can always reinstall WordPress Core to fix any problems that might have happened from a Malware action.
However, there has been a rise in WordPress Database Malware as well, so you might wanna look in that as well.
I have seen lots of critical errors on my WordPress website. I attached a screenshot below that shows some of these issues. Please look at this and provide some suggestions so that I can fix this problem.
Thank you so much.
Depends how badly broken your site has become.
What is it doing to make you think it's been hacked? Is it just the warnings in the Wordfence scan report?
Before going much further you should for sure grab a backup of your database, wp-config.php, and the contents of the directories wp-content/themes, wp-content/uploads, and wp-content/plugins. Might be a good idea to make a separate backup of the entire WordPress installation directory.
Since you can still access the administration panel, might as well change your password just to be safe. Are there multiple users for your WP installation?
What changes have been made if you click "Details" button in the Wordfence scan?
If you're sure changes to the wp-core files are due to a hack, you can try to repair them using Wordfence's repair feature--it'll restore them to their base WordPress version. But if significant differences are showing for dozens of core files, might be a good idea start over with a clean installation of WordPress.
You'll also want to track down what allowed these malicious changes to be made (has an unknown IP logged into your administration panel recently? Are you using a plugin with a known security issue?), or it'll just happen again.
I’m using the latest version of Wordpress (4.7.4).
I have something very weird going on in my Dashboard. Not sure when this started.
Can’t say for sure it started with the latest version of Wordpress or not.
My Dashboard became completely useless.
It’s like it’s showing me a flashback of a Dashboard from a few days or hours ago:
Comments I’ve deleted in the Dashboard (hitting “trash”) are suddenly back there, awaiting my moderation.
Plugins I’ve deactivated or even deleted are all back there and according to Dashboard still running (while in my FTP folder they’re certainly gone).
The plugin page cannot be trusted anymore as it shows some plugins are activated that aren’t and vice versa. I have to check on my actual website to confirm which ones are running.
Updates aren’t shown correctly. Once I’ve updated a plugin, a few minutes later it shows me again that there’s a new update.
As you can tell it’s all pretty much the same phenomenon.
It’s as if I’m seeing an older version of my Dashboard.
Not sure what else is broken.
The only other thing I noticed is that even on my actual blog I still see a comment. Blog post says “1 comment”, but the actual comment doesn’t show up.
At first, this all sounds like a “cache problem”.
But I’ve already turned off all caching:
No caching plugin installed
Turned off server caching via htaccess
Disabled leverage browser caching
Emptied my own browser cache
Other things I tested:
Turn off all plugins.
Switch to the standard Wordpress theme “Twenty Twelve”
I tried WP_DEBUG, but nothing related shows up.
I researched the internet, but nobody has described a similar problem, so I suppose this is not a common Wordpress issue.
The issue remains.
Unfortunately I’m not a developer and don’t know too much about the Wordpress codex etc.
But to me it sounds that the mistake is definitely not in the plugin or theme folder.
The problem is that I’ve reached the point where I really cannot turn off plugins via Dashboard properly anymore. It’s so annyoing!
My questions are:
Is it safe to assume that this is related to the Wordpress core
files?
What files exactly are in “charge of” the Dashboard?
Should I just try to re-download the newest Wordpress version and replace a few files (if so which ones)?
Should I do a clean Wordpress re-install or would that be too drastic?
Any other suggestions?
EDIT:
Additionally I tried now:
I manually downloaded the newest version of Wordpress and did just as
described on the Wordpress.org website. I manually replaced wp-admin,
wp-include folders and all root files. The issue remains...
The way my Dashboard is right now, I really can’t use it.
Please advice!
I contacted my host service again.
They just gave me the same line to insert into my .htaccess file and I told them I already tried it and it didn't work.
I then showed them my .htaccess file and they deleted the whole part that concerned their server caching.
Now server caching is completely off and everything works again.
Still not sure why this previously never caused issues.
In the end, it had nothing to do with Wordpress.
I hope this answer will help people who run into similar problems.
I’m working on a wordpress site, it’s almost finished.
Left it lying on the server for a few weeks after the launch to gather user feedback, and now ready to make some minute adjustments.
Loe and behold, can’t login.
Going to parentsauxassembleesgenerales.org/wp-admin won’t show me the admin page, but will instead redirect.
Sure enough, I had an automatic update to 3.8.2 on April 9 that seems to coincide with the admin access being gone.
Contrary to most redirect errors for login pages after an automatic update on forums, the exact url it redirects to is not actually a valid url.
You see others reporting the url they are redirected to as being:
http://www.domain.org/wp-login.php/?redirect_to=http%3A%2F%2Fwww.domain.org%2Fwp-admin%2F&reauth=1
But mine displays: http://www.parentsauxassembleesgenerales.org-login.php/?redirect_to=http%3A%2F%2Fwww.parentsauxassembleesgenerales.org%2Fwp-admin%2F&reauth=1
And is therefore missing three characters: “/wp” to be identical to the other bugs I saw reported. Needless to say, I still tried all the fixes recommended elsewhere, namely:
(using FTP, Softaculous, dowload of WP 3.8.1 and 3.8.2 from wordpress.org, and PHPmyAdmin)
1- deactivating, renaming, removing plugins, theme, both plugins and theme
2- adding lines of code to wp-config
3- looking at the database to make sure the site url and home url were the right ones and the same
4- updating key files like wp-login.php with a fresh version straight out of a vanilla install.
5- moving the content and wp-config to a fresh install (only recreated the problem).
I’m sort of confused at Softaculous (wp install script in cPanel) for asking if you want automatic updates, but still enabling the small automatic updates (3.8.1 to 3.8.2 or 3.8.3) even if you don’t check the box for automatic updates. I don’t, and never will, want automatic updates on my wordpress: too many plugins and themes have a lag to the wordpress core deployment schedule. (I now know I can just add a line to wp-config.php, but the Softaculous interface could be clearer about the automatic update deal).
Am now in contact with the hosting service to look at solutions such as emptying webcache, restoring from their own weekly backups, their own diagnosis of the faulty redirect route, etc.
I’m looking for a solution that will do one of the following:
help me know what causes the redirect error so I can target the problem-solving
help me regain access to wp-admin login and the dashboard
I found the issue.
Despite deactivating the plugins, one of the plugins had caused a problem in the DB which remained even when deactivated, removed or renamed. Had to clean up the relevant redirects in the DB with PhpMyAdmin.
The plugin was Velvet Blues Update URLs, which was recommended for a very small move I was doing (moving the dev version of the site up one folder on the server file system).
I hadn't used this plugin before, but it seemed straightforward enough.
Not.
I usually migrate sites using UpDraftPlus with the pro addon for migration, which works fairly well, but felt longer than it needed to be for a one-folder-up move.
Not.
The search and replace feature on UpDraftPlus that covers both for file/folder locations and for urls is without compare, and even for what it was supposed to do, Velvet Blues Update URLs didn't deliver on its promise.
I have a wordpress site which is acting strange lately. It seems like the database is spontaneously rolling back a few hours from time to time. I have noticed it happen at least four times.
When I updated to wordpress 3.5, after a short time, maybe 30-60 minutes I noticed the nag to upgrade was back. I ran the upgrade a second time, even though I was certain that I had already upgraded.
I added a new category and changed a widget on one of my sidebars, only to find that my changes were gone the next day and I had to redo them.
I added a post yesterday, linked to it in various places and then returned several hours later to find the post missing. I rewrote the post from memory and put it back on the site.
This morning when I went to the site, the original post was back and the one that I had recreated from memory was gone. The post's id number was the same as the previous day. I think there was also a draft post that disappeared and reappeared as well.
One last clue which may or may not be related is that when I go to a page on the blog that should generate a 404 message I get a single piece of text which says: "defaced by t3ll0" I noticed this recently, within the last few weeks. I'm not sure how long it has been like that.
I ran Sucuri Scanner, and it found no evidence of malware. Any suggestions of how to troubleshoot this? Could this be a problem with my database rather than wordpress?
UPDATE: It appears that the primary problem I was noticing was because of two versions of the site being up simultaneously. The DNS settings had not been updated to the new site. I'm still investigating if the site was hacked.
You got hacked. "defaced by t3ll0" is the clue. Someone has control of your site and your hosting account.
Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.
Change all passwords. Scan your own PC for spyware that may have grabbed your login and password.
http://sitecheck.sucuri.net/ is a good resource, but it scans for malware and not accounts that were hacked and are not being used to distribute malware or have spam links.
Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting
You have not applied security may be at number of places.
1. File permissions, folder permissions.
2. Upload folder permissions.
3. Execute permissions.
Now, if you are not a developer how would you check for these vulnerabilities?
I am suggesting you to take a backup of your DB(Export it). Get rid of the existing WP core and reinstall it from fresh.
Delete all plugins and install them all from fresh sources.
If you have used a custom theme then get the backed up version of it and delete the current one as there is a deface to it.
And you can check for a lot of vulnerabilities with plugins like this: http://wordpress.org/extend/plugins/better-wp-security/
Rename your administrator account. Harden your password. Remove write permission from .htaccess and wp-config.php file.