I fixed this thing less than a week ago and it's broken again... (21 posts)

  1. Wazpy
    Member
    Posted 1 month ago #

    Okay, I just had a problem with Wordpress (version 2.8.1) and reinstalled it. I upgraded to version 2.8.4 and for a few days it seemed to be back to working fine. I didn't log in at all (I didn't even look at it) since then and today I come view it only to find a whole new problem that I had nothing to do with. The page starts to load and then goes blank. Can anyone diagnose this?

    Here's my site if you want to look.
    www.snakevsmongoose.info

  2. Ipstenu
    Member
    Posted 1 month ago #

    Disable your plugins and see if that lets you in.

    If you can't get into the admin area, FTP in and rename the plugins folder to plugins-old or something similar.

  3. Wazpy
    Member
    Posted 1 month ago #

    Nope. That wasn't it.

    If you click the link to my site you can see that it loads for a split second and then goes blank. I've managed to pause it right before it went blank and saw that the side bar stops loading after the Categories section. The other things on the page are the Admin panel, a links section, and a tag cloud. Not sure if that helps at all.

    Like I said, I didn't do anything between when it was working and when this happened.

  4. whooami
    Member
    Posted 1 month ago #

    the site is loading fine for me.

  5. Wazpy
    Member
    Posted 1 month ago #

    Well maybe it's just me. I'm going to try on another computer.

  6. esmi
    Member
    Posted 1 month ago #

    I'm getting a blank page in FF3 and IE8 - although I did get a split second display.

    Have you tried:

    - switching to the default theme to rule out any theme-related problems?

    - resetting the plugins folder by FTP or phpMyAdmin? Sometimes, an apparently inactive plugin can still cause problems.

    Where is the site hosted? http://www.snakevsmongoose.info/wp-admin produces a 404.

  7. whooami
    Member
    Posted 1 month ago #

    and in the minute you see nothing, I still see something. Interesting.

    the default theme is being used, btw, that's what I see, with some color tweaks -- brown header, for instance.

    and that 404 -- that's GoDaddy's.

  8. whooami
    Member
    Posted 1 month ago #

    oh! I know why.

    It's a javascript problem.

    I haven't tried it, but since I surf with js disabled, I'm loading the pages without js -- which is fine.

    Let me go confirm ...........

    yap. that's why.

  9. whooami
    Member
    Posted 1 month ago #

    your site is hacked. there is malicious script trying to run in your footer.

    that's WHY I surf with javascript disabled.

  10. Wazpy
    Member
    Posted 1 month ago #

    I see. Any idea what I should do about it? As I said, I just reinstalled Wordpress this week to deal with a previous problem. I'd be kinda bummed to do it again, especially if I don't know how to protect myself.

  11. whooami
    Member
    Posted 1 month ago #

    well what was the previous problem? lets start there.

    time is of the essence here, btw, google will delist you when its bot picks that up.

    http://www.google.com/search?q=ClgwzwPlDp%3D%27%27%3Bvar+nVJN%3D%27%27%3B&hl=en&filter=0

  12. Wazpy
    Member
    Posted 1 month ago #

    The old problem was something along the lines of "an error in line 40 of the widgets folder." It looked nothing like this one.

    I reinstalled everything after that and immediately upgraded to 2.8.4 because I was told 2.8.1 (Which was what I had) was vulnerable.

  13. whooami
    Member
    Posted 1 month ago #

    your other post here on this forum leads me to believe your site was exploited then... so you upgraded an already exploited site.

    the immediate thing to do is to remove ANY and ALL malicious code from your current theme's files.

    Once you've done that, you've taken care of the immediate symptom.

    After that,

    <start of copy and paste>

    Make sure that your files on the server are clean. That means deleting and reuploading. Files that you don't replace should be swept.

    Check for files that don't belong, directories that don't belong. Image files with changed timestamps -- look at those. It's VERY common for there to be scripts on sites that are named in such a way to mask the fact that they're scripts.

    Be suspicious, when you're looking at things.

    Look at your permissions. Do you have world writable files? Any world-writable directories? Are they necessary?

    You need to check your database. Look for rogue plugins being loaded, look for rogue users (specifically look for a user named wordpress). You will NOT see rogue plugins or rogue users in your wp-admin/ area. You need to check your database.

    Make sure ALL of your plugins are current.

    Make sure your wordpress is current.

    Change your mysql password that wordpress uses (update your wp-config.php with that new password). Especially important in cases where you see changes to your mysql database.

    Change any admin level passwords on your blog. Change your ftp password(s).

    Scan your local machine for malware.

    Look at any other software that's being used on your site. Is it current?

    That's just an outline and not a complete list.

    There's quite a bit to do, but it's all necessary.

    If you can't do it all -- by all means don't hesitate to enlist the help of someone who can. Quite a few of us do work on the side.

    Then there's this:

    http://codex.wordpress.org/Hardening_WordPress

    and this:

    http://wordpress.org/support/topic/307660?replies=1

    and this:

    http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/

    same directions reworded:

    http://codex.wordpress.org/FAQ_My_site_was_hacked

    <stop of copy and paste>

  14. whooami
    Member
    Posted 1 month ago #

    btw, had you looked at the file you mentioned in your other post on the forum, it had been altered.

    I guarantee you.

    iridiax suggested that in his reply.

  15. Wazpy
    Member
    Posted 1 month ago #

    So the problem is in the themes folder? Should I just delete and replace it? I was only using default anyway.

  16. whooami
    Member
    Posted 1 month ago #

    I provided instructions above. You can do as you like, follow them or not.

    You sluffed off the suggestions in the other thread and here you are....

  17. Wazpy
    Member
    Posted 1 month ago #

    I'm not trying to ignore the instructions. I just honestly don't know what is malicious and what isn't. Last time I thought I followed the instructions. I deleted everything manually except the stuff I wasn't supposed to and then performed an automatic upgrade when the site seemed to be working.

    I'm not trying to seem lazy, but I'm just not very adept at this stuff. I really appreciate your trying to help too.

  18. whooami
    Member
    Posted 1 month ago #

    Ok, fair enough.

    At this point, you need to assume it's all malicious. Don't try to pick and choose.

    Let's do this:

    Clean out the theme files.

    You're using the default theme, so delete the current theme files off your site and upload new ones (out of the wordpress zip).

    Solve that immediate problem. then post back.

  19. Wazpy
    Member
    Posted 1 month ago #

    Tried. It didn't fix it. Should I try another manual reinstall?

  20. whooami
    Member
    Posted 1 month ago #

    ok, then the problem is not in your theme.

    1. Deactivate your plugins

    2. Delete all the wordpress related files off your site except for wp-config.php

    3. Reupload fresh files.

    Open your wp-config.php and make sure that there is NO malicious code in that.

    At that point, you should have all clean files within your wordpress install.

    Right?

    That's what I suggested doing above, and that is what is inside all the links I provided.

    That's ONE step of many.
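
The file checks from post 13 (files that don't belong, world-writable entries, scripts named like images) and the clean-file step in post 20, sketched as an added example that is not part of any post in this thread. It assumes a copy of the site in `site_root` with server permissions preserved and an unpacked official release of the same WordPress version in `clean_root`; `sweep` and both directory names are hypothetical.

```python
import hashlib
import os
import stat
import sys

# Extensions that should never contain PHP source.
IMAGE_EXT = {".jpg", ".jpeg", ".png", ".gif", ".ico"}

def file_digest(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def sweep(site_root, clean_root):
    """Return sorted (relative_path, reason) findings for the site copy."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(site_root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, site_root)
            mode = os.lstat(full).st_mode
            if stat.S_ISLNK(mode):
                continue  # symlink mode bits are meaningless; not followed
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if not stat.S_ISREG(mode):
                continue  # directories get the permission check only
            ref = os.path.join(clean_root, rel)
            if not os.path.isfile(ref):
                findings.append((rel, "not in clean release"))
            elif file_digest(full) != file_digest(ref):
                findings.append((rel, "differs from clean release"))
            if os.path.splitext(name)[1].lower() in IMAGE_EXT:
                with open(full, "rb") as fh:
                    if b"<?php" in fh.read().lower():
                        findings.append((rel, "PHP code in image file"))
    return sorted(findings)

if __name__ == "__main__":
    # Usage: python sweep.py <site_root> <clean_root>
    for rel, reason in sweep(sys.argv[1], sys.argv[2]):
        print(f"{reason}: {rel}")
```

wp-config.php, uploads and third-party plugins are reported as "not in clean release" because the release does not ship them; those are the files to read by hand.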

  21. Wazpy
    Member
    Posted 1 month ago #

    Well, I've been trying to do it but now my FTP uploads aren't even working right (I've tried a few clients including GoDaddy's built in one). They keep shutting down during the upload process.

    I thank you for your help and for the security links that I'll follow when I eventually do get this running, but I think this is going to be a long, tedious problem. I've deleted all my files and backed up my content and config files, but this is going to have to wait for later.

    Again, thanks for trying.
