So to start off, I'll say that I've disabled the CDN (AWS CloudFront), and all plugins, have deleted my cache and I'm still having problems with this.
I'm making a few changes to a rather "messy" WP site that I didn't build. Anytime I make changes to the CSS, they're not being recognized. If, using firebug, I look at what css file is being used for an element, instead of the regular style.css, I'm seeing a long string that includes a bunch of the enabled plugins and ends with pagespeed.cf.(long-string).css
After doing entering the string into a google search, I get a bunch of hits related to Google PageSpeed Insights, but I'm not sure how the site is interacting with that or causing the block to the original .css file.
Has anyone come across this before and if so, might you be able to explain to me what's going on and how I can go about bypassing this?
As always, thanks in advance for any answers or advice!
Related
My coding knowledge is super basic but Hostinger's support sent me to this platform to hopefully find a solution.
Situation: I have successfully installed the SSL certificate but I keep losing the padlock because of mixed content. I checked Whynopadlock for the issues, it gave me two images as 'soft failures'. I deleted those from my Wordpress library. I've installed Really Simple SSL, Force SSL and tried Search & Replace. I've changed the url in Elementor but I keep getting these errors.
Please, can someone help me, with some clear info as my coding knowledge is limited to making some minor changes in css.
Thanks so much in advance!
In your homepage, there are 3 images that are still loading under http instead of https. These images are:
http://cortijolamorera-com.preview-domain.com/wp-content/uploads/2020/03/ligature-symbols_2-11-0_quote_225_13_bdc3c7_none.png
http://cortijolamorera-com.preview-domain.com/wp-content/uploads/2020/03/Algemeen7-scaled.jpeg
http://cortijolamorera-com.preview-domain.com/wp-content/uploads/2020/03/evie-shaffer-728405-unsplash-edited.jpg
All these images appear to load from lazysizes.js. The easiest way would be to delete these photos from the media library and upload them again. Otherwise, you can either check your setting in the lazysizes plugin or search and replace the urls from within the database.
I have a site with a static home page which is just one of the pages. Ive been working on the site for several weeks. Today, when I went to clear the cache to see if some links were updated, the home page switched to displaying Posts (which is the other setting under the Settings->Reading) I went to settings and sure enough display Posts is checked. No one else, that I know of has the password to this site. Does anyone know why this happened or how I can prevent it from happeneing again?
There are so many variables to consider, but it has to be a direct database manipulation. So:
Someone did in fact change it, but no one knows who
A plugin or theme changed it. Unlikely, but certainly possible. Search your plugins/theme changelog and/or support threads for similar reported issues
One thing you could do is install the plugin Stream. This logs all (well, nearly every) database manipulation and tells you when, where, and who. This way, if it happens again, you can immediately pinpoint it.
i have a website that was developed with wordpress
it was hacked ,I removed the malicious files that I've found on the server
and I got it back but when I search the website on google I found
strange links that I can't open them
photo
Remove url individually form google webmaster tools and it will take time remove it.
You should know that removing malicious files doesn't mean you cleaned up the site. There are many instances where a file will recreate all the malicious files again. Sometimes it can even be above the root of your website root folder. It's best to use a couple plugins to scan the whole site directory. And then check a couple days later if the malicious files return. (if this is the case you are best to actually just switch to a new server or reformat if you have the option as it will get quite expensive to pay someone to clean up your server)
First make sure you have completely cleaned up the hack. Then those pages in Google should get deindex as they won't exist anymore. It's probably not viable to remove every single hack page indexed in Google via webmaster tools as there could be 10s of thousands! (depending on the hack)
Below are a couple good scanners.
https://wordpress.org/plugins/quttera-web-malware-scanner
https://wordpress.org/plugins/sucuri-scanner
I would also recommend some plugins for enhanced security moving forward.
https://wordpress.org/plugins/ninjafirewall
https://wordpress.org/plugins/better-wp-security
https://wordpress.org/plugins/vulnerable-plugin-checker
I try to fix the website speed for that I visit gtmetrix to check the exact speed and errors from last seven days one error continuously display there its called web fonts, even I try a lot but still didn't find the proper way to resolve this issue.
I tried turning off plugin one-by-one, but that didn't make any difference, so I know it's not a plugin conflict. I'm looking at the font files on the server, so I know they are there. Any ideas what to try next?
Currently, i am using Fetch Wordpress Theme its free, for reference, I provide the web page test result link please advise.
This Issue Happen Because of the Usage Of Plugin Wp-Hide, Once You Use The Plugin Very Carefully Because If You Mis Configure The Page Speed & Web Page Score Effected.
Last Wednesday a variety of the WordPress sites I manage got hacked, they were infected with a Viagra link (malware is so original).
I noticed in the wp-includes directory a file called utils.php (wp-includes/js/tinymce/utils/utils.php), also an addition to my general-template.php for the get_footer function.
This hack seems to only affect Google search results for sites, not the site when directly viewed by entering the URL, i.e your cached site will show a malware infested mess and lose ranking, meanwhile you will wonder why due to the site looking fine when viewed.
My host (TSO Host) have cleaned up the sites, didn't even need to ask, but I have no idea how the infection got there in the first place.
So my question is, does anyone know how the breach happens and what I can do to prevent it, other than the usual security tips?
This happened to a site that I spent weeks cleaning up. I can give you a few pointers:
Go through the Wordpress core files (under wp-admin and wp-includes) and delete all files that you don't see in the default wordpress instillation. I've never seen a plugin create a file in one of those 2 directories. After this, it'd be a good idea to re-install Wordpress, just in case they changed any of the existing files.
After that, change your Wordpress/FTP/SSH passwords as they've likly been cracked. Install WP Better Security. It seems a little annoying at first, but you can monitor everything with it, change the login slug, remove version info hackers can use to find security holes, black-list known hackers, and so much more.
Finally, this last one will take some time. Google your theme and each one of your plugins, and see if Wordpress has stopped using them because they were a security vulnerability. You'd be surprised at how many plugins haves holes. Try to avoid really new plugins, and try to use the same plugin for as many different sites as you can. If you're hosting more than one site on the same server and one of the sites gets hacked, they're all hacked.
It sounds like a pain, and it is a little bit, but after you're done you'll feel so much better knowing that you're in control of everything. Trust me.