I had some guys 'fix' my self-hosted WordPress site after I screwed it up by manipulating the .htcaccess file. It's all working fine now but the editor page has disappeared.
It's a multisite configuration. I used to be able to access 'Editor' from 'Network Admin' under 'Appearance'.
The guys who 'fixed' my site say the editor isn't available with multisite, which I know isn't true.
Any help / advice would be much appreciated!
The administrative plugin/theme editor can be disabled through the constant DISALLOW_FILE_EDIT in the file wp-config.php.
It comes as a security measure. As a fellow at WordPress Answers put it: editing plugin/themes this way is like working on the plane engine while it's on flight.
The biggest shortcoming is that this editor doesn't have backups. Any simple mistake may take the site down and you'll have to go through FTP to disable the theme/plugin, download it and correct the bug.
I've discussed this constant and its alternatives in this Q&A: Alternatives to DISALLOW_FILE_EDIT wp-config Constant? It Breaks Some Plugins.
Related
I have seen lots of critical errors on my WordPress website. I attached a screenshot below that shows some of these issues. Please look at this and provide some suggestions so that I can fix this problem.
Thank you so much.
Depends how badly broken your site has become.
What is it doing to make you think it's been hacked? Is it just the warnings in the Wordfence scan report?
Before going much further you should for sure grab a backup of your database, wp-config.php, and the contents of the directories wp-content/themes, wp-content/uploads, and wp-content/plugins. Might be a good idea to make a separate backup of the entire WordPress installation directory.
Since you can still access the administration panel, might as well change your password just to be safe. Are there multiple users for your WP installation?
What changes have been made if you click "Details" button in the Wordfence scan?
If you're sure changes to the wp-core files are due to a hack, you can try to repair them using Wordfence's repair feature--it'll restore them to their base WordPress version. But if significant differences are showing for dozens of core files, might be a good idea start over with a clean installation of WordPress.
You'll also want to track down what allowed these malicious changes to be made (has an unknown IP logged into your administration panel recently? Are you using a plugin with a known security issue?), or it'll just happen again.
I've having an annoying issue with Wordpress.
First I have to say that I'm not very familiar with Wordpress, I’m using it because I agree to take the management of the website of my sport club.
Now let’s me explain the issue. The previous manager of the website found a plugin that he think will be nice for the website.
But now that I’m managing, I want to make some change to this plugin (which is under GNU GPLv3 License so I have the right to do it).
So I install wamp on my computer, then wordpress and then I add the plugin to it in the purpose to test my changes.
I was thinking that when editing the files under “…\wp-content\plugins...” it will take effect instantly but it’s not.
I try to restart wamp after making some changes but it does not solve my issue.
A bit later I found that in wordpress there is a plugin modification interface and when going in it I found that the changes that I made on the files where not taken. Is there a cache of the files or something?
So my question is the following: Is there a way to edit the files in the folders (I’m using Visual Studio Code) and that the changes are applied instantly to the “running” plugin in my local instance?
I hope I was able to be clear enough so you guys can understand me
Thanks in advance
I’m using the latest version of Wordpress (4.7.4).
I have something very weird going on in my Dashboard. Not sure when this started.
Can’t say for sure it started with the latest version of Wordpress or not.
My Dashboard became completely useless.
It’s like it’s showing me a flashback of a Dashboard from a few days or hours ago:
Comments I’ve deleted in the Dashboard (hitting “trash”) are suddenly back there, awaiting my moderation.
Plugins I’ve deactivated or even deleted are all back there and according to Dashboard still running (while in my FTP folder they’re certainly gone).
The plugin page cannot be trusted anymore as it shows some plugins are activated that aren’t and vice versa. I have to check on my actual website to confirm which ones are running.
Updates aren’t shown correctly. Once I’ve updated a plugin, a few minutes later it shows me again that there’s a new update.
As you can tell it’s all pretty much the same phenomenon.
It’s as if I’m seeing an older version of my Dashboard.
Not sure what else is broken.
The only other thing I noticed is that even on my actual blog I still see a comment. Blog post says “1 comment”, but the actual comment doesn’t show up.
At first, this all sounds like a “cache problem”.
But I’ve already turned off all caching:
No caching plugin installed
Turned off server caching via htaccess
Disabled leverage browser caching
Emptied my own browser cache
Other things I tested:
Turn off all plugins.
Switch to the standard Wordpress theme “Twenty Twelve”
I tried WP_DEBUG, but nothing related shows up.
I researched the internet, but nobody has described a similar problem, so I suppose this is not a common Wordpress issue.
The issue remains.
Unfortunately I’m not a developer and don’t know too much about the Wordpress codex etc.
But to me it sounds that the mistake is definitely not in the plugin or theme folder.
The problem is that I’ve reached the point where I really cannot turn off plugins via Dashboard properly anymore. It’s so annyoing!
My questions are:
Is it safe to assume that this is related to the Wordpress core
files?
What files exactly are in “charge of” the Dashboard?
Should I just try to re-download the newest Wordpress version and replace a few files (if so which ones)?
Should I do a clean Wordpress re-install or would that be too drastic?
Any other suggestions?
EDIT:
Additionally I tried now:
I manually downloaded the newest version of Wordpress and did just as
described on the Wordpress.org website. I manually replaced wp-admin,
wp-include folders and all root files. The issue remains...
The way my Dashboard is right now, I really can’t use it.
Please advice!
I contacted my host service again.
They just gave me the same line to insert into my .htaccess file and I told them I already tried it and it didn't work.
I then showed them my .htaccess file and they deleted the whole part that concerned their server caching.
Now server caching is completely off and everything works again.
Still not sure why this previously never caused issues.
In the end, it had nothing to do with Wordpress.
I hope this answer will help people who run into similar problems.
I'm helping someone that has no technical experiences with their WordPress site, and I realized he may have accidentally set it up as a multisite.
My question is if I don't want to go through all the trouble of changing the site back to a regular WordPress site, can I just treat and use the site as a regular WordPress site? Or will there be any technical difficulties later on?
(the site just displays some content and can put items in shopping cart to buy them)
And since it's a multisite and I only have admin power and not super admin, to install plugins I would have to either ask for access to the super admin account or have the person install the plugins for me, right?
Lastly, how would I access and change the wp-content/ files to customize (css/html/js) the templates myself? Do I just download Filezilla to grab the files and change them and upload them back? Or is there a better way to do this?
And would I need super admin power to do this and what additional information do I need to set up the Filezilla besides the site url, my admin account and password?
Sorry for so many questions on here, please let me know if you need any additional information.
Thanks!
he may have accidentally set it up as a multisite.
This sounds weird. Setting up a multisite is not something you do accidently.
I would suggest you ask access through ftp (FileZilla should do, and you do not need to be super admin). To see if it's multisite or not, you can look at the .htaccess file or wp-config.php. If you really do not need the multisite, it's best to revert back to a single install.
Now, to answer your questions,
can I just treat and use the site as a regular WordPress site?
No, you can't, especially not if you are not network admin. You need this to upgrade WP, plugins and the theme. Keeping the installation up-to-date is crucial for security.
to install plugins I would have to either ask for access to the super
admin account or have the person install the plugins for me, right?
Being able to install and update plugins from within the WordPress Admin is convenient. Technically, however, you can also do so through FTP: simply add the plugins to /wp-content/plugins/ and the themes to /wp-content/themes/. You can then activate these on the site.
how would I access and change the wp-content/ files to customize
(css/html/js) the templates myself?
FileZilla indeed. If you have access to the network you can edit these in the WP admin too, but I personally prefer to do so with an editor like Notepad++.
what additional information do I need to set up the Filezilla besides
the site url, my admin account and password?
You can't use your WordPress password for this, you need to have FTP access, and even better sFTP (encrypted). This is something the host should provide. Perhaps these tutorials may be helpful.
GL with it!
Greetings and thanks in advance for your feedback. Now I realize that this isn't GoDaddy tech support but I'm asking the question here before I step into those murky, black waters.
Scenario: I edit the CSS and various templates for the default template via Appearance > Editor. All looks and performs great. I hand off to my client. She reports back that after adding a new post the customizations are overwritten and the default theme files are restored! She claims that GoDaddy told her that its "on my end."
Nonsense, right? There is no relation between adding a post and updating theme files, right?
This is the second time this has occurred - the first time we assumed GoDaddy had backups of the customized files (not). At least with the second occurrence, I had a local backup.
Any ideas or suggestions?
either that or the wordpress install has been upgraded, if your theme folder is still using the default then it will be overwritten by wordpress on upgrade..
if so change your default theme folder to something else...
then edit the css file and give it a new name...
Use FTP and a text editor to edit the theme files directly and check their permissions. I think the changes are not taking effect because you've got file permission problems, and as soon as the client forces a reload of the site, she sees the unchanged files again.
And if you're using a Windows server, consider changing to Linux. GoDaddy has lots of problems with Wordpress on Windows, from permission problems to permalinks. You can change to a Linux server in a few hours: Switching Your Hosting Account Operating System - GoDaddy Help Center