Restarting WordPress deployment on Google Compute Engine after prolonged instance stop - wordpress

This one last shot before I delete my WordPress deployment installation on the Google Cloud Engine and start from scratch.
My WordPress site was working fine when first deployed about two months back. I then stopped the instance, as I didn't have time to work on it and didn't want to incur charges.
When it came to starting it last night, it seemingly starts ok, as per Google Developers console report, but the front end is everything, but ok. It is timing out, all I get is the index page (after a long time), but without any css and I can't get onto any other pages.
I can connect to the server using ssh command, I can even see the files via SFTP and I can't see anything obvious in phpmyadmin.
Does anybody have any pointers? What other info do you need? Sadly the documentation on Cloud Engine Wordpress deployment is very thin to offer much guidance beyond one click deployment.
Many thanks for any help.
ZONE
asia-east1-a
MACHINE TYPE
g1-small
IMAGE
wordpress-debian-7-wheezy-v20150127
WORDPRESS VERSION
4.1
HTTP traffic is allowed.
Update 26/03/2015:
As #Paolo P pointed out the problem was in the Google Compute Engine assigning an ephemeral address, which was replaced by a new one once the instance was restarted. To fix the issue I did:
login to phpmyadmin >wpdatabase > wp_options > edit siteurl and home with the new url.
edit wp-config.php > add (swap example.com for your new url):
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
at this stage your front end will be still unavailable, next
login to /wp-admin, which seems to update some settings in the background and voila, your front end is available at the new address.
comment out/delete the above code from wp-config.php once your site is back up and running again. If you don't, you won't have the ability to change the site urls within the WordPress content management end.
Some further info on changing site url is here. Note, I didn't have to touch functions.php to make it work https://codex.wordpress.org/Changing_The_Site_URL

If your instance had an ephemeral IP it could be changed after stopping it as documented here. After boot Wordpress internal configuration is still referring to a different IP and hence is not finding CSS and other page components.
Assign a static IP to instance and change WP configuration files accordingly. Note that some configurations may need to be updated inside DB data too.
Regards,
Paolo

Related

No access to wordpress backend anymore - "Your connection is not private"

hope you can help me because I'm losing my mind here:
A couple of months ago, I started to build my new website (WordPress, hosted on Google Cloud, deployed with "Click to deploy" and I got the domain name on Google Domains).
Everything worked fine back then. But I needed to put this project on hold.
Now I wanted to continue working on the website, and I realized the VM was stopped. I successfully re-started it and wanted to access the WP back end with the link that can be found in the Deployment Manager of Google Clouds ([IP address]/wp-admin) but it doesn't work anymore. It only says the connection is not private, and I can't access the website. I can't even get to the login form.
What I have tried so far:
Changed ephemeral IP to static external IP & connected the VM to the IP
Pointed Domain toward static external IP - as shown in any tutorial
Updated NS on Google Domains
Created DNS Zones (A, CNAME)
Installed SSL for my domain successfull
Still not working, neither the IP nor the domain (server not found).
My guess - the Domain (mk-studios.net) is not live yet, and therefore, the SSL certification doesn't work yet. If not, I messed something up, and I don't know where to look. I don't get why it worked well months ago and has stopped working now.
Does anyone have a guess? Do you need any further details?
Thank you so much in advance,
Best,
Mario
This problem may have many causes but the most common is that your SSL has NOT installed properly. I suggest you the following steps:
Make sure that your SSL works fine and reinstall your SSL.
If you have access to DB, go to *_options table and in the first two rows siteurl && home you will find your URL. In this point remove the "S" from the https:// and make it http://.
If you have other server take the DB locally an connect with WP files from fresh installation.
Also when you remove the -s from https:// visit your url with incognito mode/private mode.
I will stay here to help you.
George

WordPress site impacted with redirect injection

I have a website that is running on an AWS server using the Bitnami Nginx and WordPress image.
https://www.athleticclubhk.com/
Recently it got all our ads on Google stopped due to malicious content. Oddly this time, its trickier then your standard malware of infected files. When visiting the site incognito, the first and only the first link click gets redirected using the following code:
window.location.replace("https://cartoonmines.com/scount");window.location.href = "https://cartoonmines.com/scount";
This is being injected on any link, however, upon investigating the loaded code on inspect its not injecting it into the page.
I've tried to hunt down the theme, plugins, core files and found nothing!
I replaced and reinstalled WordPress core files, deactivated all plugins and even swapped the theme - the problem is still there. I can't find any hidden .htaccess file in the entire root directory.
I even used GREP to try to look for anything fishy (any clues here that someone can help with?) nothing so far.
The site is still impacted with this so you can easily load the link ~ i do use malwarebytes to keep myself protected, incase you are opening this directly.
Can anyone help?
The redirection code is implanted to /wp-includes/js/wp-emoji-release.min.js.
How to confirm:
watch the cookies when clicking internal page, a new cookie is being set for tracking first clicks, named ht_rr
save complete webpage locally and try to load it, and check in Chrome dev tools, you'll see that in Console tab it complains about this Javascript file attempting to set the aforementioned cookie
While a temporary resolution of deleting the file will fix things for some time...
There's no excuse for not setting up a proper server stack. Bitnami or other "great stacks" won't cut it security-wise. They exist for "fast", but no "quality" setup, and of course, it's never going to be secure.
The file got created somehow / had write privileges. This indicates a problem with the setup most of the time. Unless you're using some nulled plugins or plugins from bad sources.
Once again, since the website was essentially "pwned", deleting the Javascript file does not mean complete disinfection. To preserve things in a secure state, I would recommend setting things on a clean server environment with strict PHP-FPM permissions aka "lockdown" chmod, and look for write errors to look for infected PHP files.
Check out some guides on the matter of secure NGINX/PHP-FPM setup:
NGINX and PHP-FPM. What my permissions should be?
Best practice secure NGINX configuration for WordPress
NGINX Security Headers, the right way
Just had the same problem and it was Zend Font Plugin, the same that some people mentioned before.
Installed Wordfence and this came out. Deleted the plugin and now the site is working perfectly.
Disable plugins and check again.
Change the database username and password.
Ask the hosting manager to check the host.

wordpress admin redirect loop

I've got a copy of our wordpress instance running inside a Docker container.
Our live instance works well but inside the docker container, I do get a redirect-loop as soon as I try to get access to wp-admin.
I've disabled all plugins, I've cleared my cache and so on but nothing worked so far.
OS is debian, similar to our live system. When I get the redirect-loop, there's no information written in my apache error.log-file.
Oh and this instance is accessible by using a subdomain. I had to rewrite all "www.domain.com" to "sub.domain.com".
If I can provide you with any informations to solve my problem just ask. I have absolutely no idea where to start.
Paddaels
Seems like you missed some records in the database. The best approach is to use a tool like https://interconnectit.com/products/search-and-replace-for-wordpress-databases/
If you download this free tool and upload to your server then it does a batch find-and-replace across every single table in your Wordpress database.
So, for example, replace http://www.example.com with http://sub.example.com
You can do a dry run and it will show you all the replaces that it will make. Once you're happy then click the "live run" button and all the changes are made.
I use this tool all the time when I am moving a site from my local machine to the live server. I also use the exact same approach when migrating a site from http to https

WordPress development site on sub-domain going to wrong domain

I am trying to set up a development site on the sub-domain development.warriorsliveon.org of warriorsliveon.org.
This is a WordPress site and I copied the plug-ins, themes, and upload folders to the new WordPress installation on the sub-domain. I also copied the database from warriorsliveon.org, did a find and replace of warriorsliveon.org to development.warriorsliveon.org.
When I go to the site , http://development.warriorsliveon.org. it either switches automatically to the follow address, or other times, lets me log into WordPress, but then goes to this address.
http://development.development.www.development.development.warriorsliveon.org/
Anyone have any ideas where I should look to resolve this issue?
I'm happy to post any code, just not sure at this point what would be useful. Any help is appreciated!
Changing the Domain Name that your Wordpress installation runs under is more complicated than just editing one or two files. The best approach is to use a tool like https://interconnectit.com/products/search-and-replace-for-wordpress-databases/
If you download this free tool and upload to your server then it does a batch find-and-replace across every single table in your Wordpress database.
So, for example, replace http://www.warriorsliveon.org with http://development.warriorsliveon.org
You can do a dry run and it will show you all the replaces that it will make. Once you're happy then click the "live run" button and all the changes are made.
I use this tool all the time when I am moving a site from my local machine to the live server. I also use the exact same approach when migrating a site from http to https

WP Admin extremely slow

The WP back end of a site I'm working on (It's a multisite) takes about 25 seconds to load.
Everything was working fine until yesterday and the front end still works perfectly well. All other sites on the same server run just as well, so it MUST be a WP back end issue.
I don't remember exactly what change it was that made it so slow. I remember updating WP recently (to version 3.4.2), adding some plugins on one of the sites and changing the max upload file size.
I tried to disable all the plugins, changing the themes back to default, changing the max file size back, and adding define('WP_MEMORY_LIMIT', '1024M'); (and other values) to WP-config but none of it helped.
Also tried to 'Update network', but I got an error - couldn't connect to host.
Any ideas?
I got in touch with our network admin and we resolved the issue.
I will copy his answer here. Hope it helps someone.
Does Wordpress use 'self-referential URLs' ? What I mean by this is...
is wordpress trying to access it's own templates/css using fully
qualified domain names in the URL (e.g. http://example.co.uk/someurl )
Because we use Network Address Translation (NAT) on our firewalls to
hide the real IP address of the server, it has the side effect that if
the server tries to access it's own URLs, it will try to send the
traffic to the external interface on our firewall, which is where the
DNS resolves to.
The fix for this is very simple - we just add the site url into the
/etc/hosts file so that the server knows to use it's own IP address
instead of the address on the firewall.
So he added our address to the hosts file and now it works perfectly.
Awesome.
I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout.
If you're still unable to identify the cause I'd recommend a catch-all solution of installing xdebug and profiling the page with webgrind, xcachegrind, etc
Had the same problem for a week and now the problem of very slow WP-admin was solved!
Before, I cannot access my sites if I use incognito or I am not logged in as WP user, but all times in the wp-admin, it takes me 40 seconds- minute or even never.
Solution that worked:
I accessed the files in the file manager using the CPanel, and I saw so many unused and unnecessary folders and themes and that's the reason that causes the very slow access to admin.
It was because during the days of being a newbie, I stuffed a lot of files in the Public Http and that made it congested.
I logged in to another CPanel account that I bought personally before, and compared the folders of the "proper" versus the "congested" and compress, backed-up and deleted all the unnecessary.
My host: Hostgator, responded well also.
Hope this would help others.
I also had a very slow Dashboad in wordpress. Reading the James C´s answer, I realized that my site is located in a corporate intranet behind a firewall to access internet.
James C answered:
"I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout."
My solution was avoid all the internet conections: (1) disable all the wordpress updates using the wordpress plugin "Disable all wordpress updates". (2) activate de wordpress pluging "Disable google fonts"
After these two plugin activations, the Dashboard works to a suitable speed.

Resources