Gateway Anti-Virus Alert - WP - wordpress

As you can see from the image above, I am experiencing some sort of error message, but I have no idea what it means.
I am using WordPress 4.1 with a default theme. Every time I try to add a menu to the menu structure I get the following message:
Gateway Anti-Virus Alert
This request is blocked by the Firewall Gateway Anti-Virus Service.
Name: Mailer.S (Trojan)
Things that I have already tried:
Using a different theme
Installing and re-installing WordPress
Deleting everything and starting from the beginning
And none of this worked!
Please help me.
Thank you

You probably got infected with malware, and a service running on your hosting is blocking some malicious code. At best you can contact your hosting provider and ask them how to resolve it. Malware on a WordPress site is pretty common by using outdated plugins, themes or having insecure rights on folders and files.
It's pretty hard to get rid of; you have to search through every file to check for malicious code and check every folder for files that shouldn't be there.

Related

WordPress site impacted with redirect injection

I have a website that is running on an AWS server using the Bitnami Nginx and WordPress image.
https://www.athleticclubhk.com/
Recently it got all our ads on Google stopped due to malicious content. Oddly, this time it's trickier than your standard malware of infected files. When visiting the site incognito, the first and only the first link click gets redirected using the following code:
window.location.replace("https://cartoonmines.com/scount");window.location.href = "https://cartoonmines.com/scount";
This is being injected on any link; however, upon investigating the loaded code on inspect, it's not injecting it into the page.
I've tried to hunt down the theme, plugins, core files and found nothing!
I replaced and reinstalled WordPress core files, deactivated all plugins and even swapped the theme - the problem is still there. I can't find any hidden .htaccess file in the entire root directory.
I even used GREP to try to look for anything fishy (any clues here that someone can help with?), nothing so far.
The site is still impacted with this so you can easily load the link ~ I do use Malwarebytes to keep myself protected, in case you are opening this directly.
Can anyone help?
The redirection code is implanted to /wp-includes/js/wp-emoji-release.min.js.
How to confirm:
Watch the cookies when clicking an internal page: a new cookie is being set for tracking first clicks, named ht_rr.
Save the complete webpage locally and try to load it, and check in Chrome dev tools: you'll see that in the Console tab it complains about this JavaScript file attempting to set the aforementioned cookie.
While a temporary resolution of deleting the file will fix things for some time...
There's no excuse for not setting up a proper server stack. Bitnami or other "great stacks" won't cut it security-wise. They exist for "fast", but no "quality" setup, and of course, it's never going to be secure.
The file got created somehow / had write privileges. This indicates a problem with the setup most of the time. Unless you're using some nulled plugins or plugins from bad sources.
Once again, since the website was essentially "pwned", deleting the Javascript file does not mean complete disinfection. To preserve things in a secure state, I would recommend setting things on a clean server environment with strict PHP-FPM permissions aka "lockdown" chmod, and look for write errors to look for infected PHP files.
Check out some guides on the matter of secure NGINX/PHP-FPM setup:
NGINX and PHP-FPM. What my permissions should be?
Best practice secure NGINX configuration for WordPress
NGINX Security Headers, the right way
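The file-by-file search described in the answers above (core files that were modified, such as the tampered wp-emoji-release.min.js, and files that shouldn't be there) can be automated by comparing the core tree against a known-good checksum manifest. This is an added example, not part of the original answers; the manifest shape ({relative path: MD5}), the function names and the sample tree are assumptions constructed for illustration.

```python
import hashlib
from pathlib import Path

CORE_DIRS = ("wp-admin", "wp-includes")  # trees that should contain only shipped core files


def md5_of(path):
    """MD5 of a file (MD5 only because that is what the assumed manifest stores)."""
    return hashlib.md5(Path(path).read_bytes()).hexdigest()


def verify_core(root, manifest):
    """Compare a WordPress tree with {relative_path: md5} from a known-good release."""
    root = Path(root)
    report = {"modified": [], "missing": [], "unexpected": []}
    for rel, expected in manifest.items():
        if not (root / rel).is_file():
            report["missing"].append(rel)
        elif md5_of(root / rel) != expected:
            report["modified"].append(rel)
    for top in CORE_DIRS:
        for path in (root / top).rglob("*"):
            rel = path.relative_to(root).as_posix()
            if path.is_file() and rel not in manifest:
                report["unexpected"].append(rel)
    return {kind: sorted(paths) for kind, paths in report.items()}


def build_demo_tree(root):
    """Constructed sample: a tiny clean tree, its manifest, then simulated tampering."""
    root = Path(root)
    clean = {
        "wp-includes/js/wp-emoji-release.min.js": b"/* constructed stand-in for core JS */\n",
        "wp-admin/index.php": b"<?php // constructed stand-in\n",
    }
    for rel, data in clean.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_bytes(data)
    manifest = {rel: hashlib.md5(data).hexdigest() for rel, data in clean.items()}
    # Tampering: bytes appended to a core script, one dropped file, one deleted file.
    emoji = root / "wp-includes/js/wp-emoji-release.min.js"
    emoji.write_bytes(emoji.read_bytes() + b"/* constructed: appended code */")
    (root / "wp-includes/js/extra.php").write_bytes(b"<?php // not part of the release\n")
    (root / "wp-admin/index.php").unlink()
    return manifest


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        print(verify_core(tmp, build_demo_tree(tmp)))
```

On a real site, take the manifest for your exact WordPress version from a trusted source (WP-CLI's `wp core verify-checksums` performs a comparable check). Plugins, themes and uploads under wp-content are outside this comparison and need their own review.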
Just had the same problem and it was Zend Font Plugin, the same that some people mentioned before.
Installed Wordfence and this came out. Deleted the plugin and now the site is working perfectly.
Disable plugins and check again.
Change the database username and password.
Ask the hosting manager to check the host.

Why is the www version of website not working properly?

I'm facing a problem with the following website: https://www.rhythmandstrums.ie/
When I open the "www" version of it: https://www.rhythmandstrums.ie/ I get a bugged website, failing to open stylesheets and possibly other file sources, whereas if I open the website without the "www", everything works as expected: https://rhythmandstrums.ie/
Some considerations:
This website is hosted in a Wordpress Multisite, so it shares the same configuration files as other websites, none of the other websites have this issue. So I was wondering if this could be a problem with redirection, although, again, none of the other websites have this problem and they share the same config files (including server block settings and such, it is in nginx).
I have checked the DNS values and nameservers and everything looks fine (I took base from all the other websites that were set up in the same way, I can post a screenshot if it might be of help).
This error also seems to happen in the Wordpress backend, with the admin dashboard not being able to load parts of plugins, it seems like it is looking where it doesn't exist.
I have replaced instances of the www version of the url in the database, as I do with other websites as well, but that didn't seem to fix the issue.
I have cleared cache a few times (both in the cache plugin and manually in the nginx server - manually deleting the contents of the cache folder), and since this has been going for a long time, I don't know if this is cache related, but any suggestion is highly appreciated. Again, all the configs, included the cache plugin settings are the same for all the other websites in the network, which none are having this issue.
If I inspect the console when I'm accessing both versions of the website, www and non-www it seems like it's trying to pull information from different locations, but I can't figure out why it's doing that.
Guys, I hope this was not confusing, but let me know if you would like to see screenshots or other info that might be relevant. Thanks so much in advance, I really appreciate it.

Wordpress AMP pages not setting up throwing error 'Non-existent changeset UUID.'

I have set up the AMP plugin in WordPress, but while going to see the AMP pages (Appearance->AMP), I saw an error "Non-existent changeset UUID".
Also, there is a message in the console that says:
"Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://test.com') does not match the recipient window's origin ('https://test.ve.staging.wpengine.com')."
Please help me resolve it.
I've recently taken over administration of a website that has historically been ... poorly managed, and upon trying to use WordPress' built in theme customizer, I was greeted with the same message: "Non-existent changeset UUID.", although I didn't get any related messages in the console.
Apparently my issue was caused by the fact that one of the people who set up the site to begin with had decided to put the public site at www.example.com and the WordPress admin pages at example.com/__wp.
If this is your issue, you basically have two options.
Make sure to log in at both domains.
This may be a little difficult since WordPress' login page is part of the admin portion of the site and thus only logs you in to the admin portion of the site, however this proved to be a good temporary solution for me as there was a plugin installed which added a login widget on the public portion of the site.
Change the WordPress Address to be on the same domain as your Site Address.
The Option appears under Settings > General, but in my case I couldn't change the WordPress Address setting there and had to go into the WordPress database in our company's MySQL server.
After dealing with the above issues, I discovered that this issue had also caused a bunch of resources to be incorrectly loaded from example.com that should have been loading from www.example.com, as well as a number of leftovers from the site's development that were causing some resources not to load because the database thought they were at localhost.
With the help of another Stack Overflow answer I found a Database Search and Replace Script in PHP by interconnect/it (also available on GitHub) which allowed me to repair the mess previous people had made of the website without making a new mess with incorrectly serialized data, or all of the work of manually, correctly serializing the data I needed to change.

Wordpress API works with VPN only?

I've been working on a project on my localhost for some time now, and I've recently tried to put it online. My project works perfectly on my localhost, and I can post new articles to WordPress blogs with no problem.
The problem is, after uploading my project to an online web server (Hostgator's Baby Plan), I tried to add a new post to one of my WordPress blogs and I got the following error:
faultCode 500 faultString You are not allowed to do that.
The thing is, I've searched everywhere in the past few days in order to solve this problem and had no luck.
Do you guys think this problem is caused because I'm using a webserver and not a VPS? If you have any other solutions I'll be glad to hear them out.
It might be related to file permissions or something like that.
There is no need to use VPS. I manage my website on a shared server and I've tested WordPress on free hosting services too.
This is probably due to incorrect permissions either on the file structure or the MySQL DB user or something like that. Take a look at this article on the WP codex about file permissions.
Big services like Hostgator usually have an "auto-install" feature for common software like WordPress (via Softaculous or something similar). I don't know how you migrated your site from your local version to the server but it may be worth installing a fresh WordPress instance through Hostgator and then simply loading in the wp-content folder and your development database on top of that.

WP Admin extremely slow

The WP back end of a site I'm working on (It's a multisite) takes about 25 seconds to load.
Everything was working fine until yesterday and the front end still works perfectly well. All other sites on the same server run just as well, so it MUST be a WP back end issue.
I don't remember exactly what change it was that made it so slow. I remember updating WP recently (to version 3.4.2), adding some plugins on one of the sites and changing the max upload file size.
I tried to disable all the plugins, changing the themes back to default, changing the max file size back, and adding define('WP_MEMORY_LIMIT', '1024M'); (and other values) to WP-config but none of it helped.
Also tried to 'Update network', but I got an error - couldn't connect to host.
Any ideas?
I got in touch with our network admin and we resolved the issue.
I will copy his answer here. Hope it helps someone.
Does WordPress use 'self-referential URLs'? What I mean by this is...
is WordPress trying to access its own templates/css using fully
qualified domain names in the URL (e.g. http://example.co.uk/someurl )
Because we use Network Address Translation (NAT) on our firewalls to
hide the real IP address of the server, it has the side effect that if
the server tries to access its own URLs, it will try to send the
traffic to the external interface on our firewall, which is where the
DNS resolves to.
The fix for this is very simple - we just add the site url into the
/etc/hosts file so that the server knows to use its own IP address
instead of the address on the firewall.
So he added our address to the hosts file and now it works perfectly.
Awesome.
I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout.
If you're still unable to identify the cause I'd recommend a catch-all solution of installing xdebug and profiling the page with webgrind, xcachegrind, etc
Had the same problem for a week and now the problem of very slow WP-admin was solved!
Before, I cannot access my sites if I use incognito or I am not logged in as WP user, but all times in the wp-admin, it takes me 40 seconds- minute or even never.
Solution that worked:
I accessed the files in the file manager using the CPanel, and I saw so many unused and unnecessary folders and themes and that's the reason that causes the very slow access to admin.
It was because during the days of being a newbie, I stuffed a lot of files in the Public Http and that made it congested.
I logged in to another CPanel account that I bought personally before, and compared the folders of the "proper" versus the "congested" and compress, backed-up and deleted all the unnecessary.
My host: Hostgator, responded well also.
Hope this would help others.
I also had a very slow Dashboard in WordPress. Reading James C's answer, I realized that my site is located in a corporate intranet behind a firewall to access the internet.
James C answered:
"I've seen this before where the admin pages are trying to poll external Wordpress sites for details of Wordpress upgrades, plugin updates and Wordpress news. If there's no proper access (because of firewall restrictions, bad DNS, etc) then the page has to wait for the HTTP requests (I think WP uses cURL) to timeout."
My solution was to avoid all the internet connections: (1) disable all the WordPress updates using the WordPress plugin "Disable all wordpress updates". (2) activate the WordPress plugin "Disable google fonts".
After these two plugin activations, the Dashboard works at a suitable speed.
