WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] parse error (17 posts)

  1. johncsnider
    Member
    Posted 4 years ago #

    Today a visitor to my blog (http://www.scifidimensions.com) pointed out that it gives the following error message:

    Parse error: syntax error, unexpected '<' in /export/home/sc/scifid71/public_html/main/wp-config.php on line 66

    Is this a WordPress error or something else? Any ideas on a fix?

    Thanks!

  2. esmi
    Forum Moderator
    Posted 4 years ago #

    You have a damaged/corrupted config file. I suggest you download and examine wp-config.php asap.

  3. johncsnider
    Member
    Posted 4 years ago #

    I wouldn't know what to look for if I did examine it. What would I be looking for?

  4. iridiax
    Member
    Posted 4 years ago #

    Sudden parse errors can be a sign of hacking.

  5. esmi
    Forum Moderator
    Posted 4 years ago #

    What to do if you think you've been hacked:
    http://wordpress.org/support/topic/268083#post-1065779

  6. johncsnider
    Member
    Posted 4 years ago #

    What do I do if I can't log in? Visiting the site yields the error I first listed. So if I can't log in as admin how do I even begin to fix the problem?

    Finally, let me say that I'm no coder. I'm really just a user of WordPress, and lately it seems like it's waaay too easy to get hacked. I already reinstalled WordPress 2.8.4 from the ground up and changed my password, but it still (apparently) didn't fix the problem.

  7. johncsnider
    Member
    Posted 4 years ago #

    P.S. I was able to open the wp-config.php via my FTP Explorer, and there are a lot of spam links and other gobbledygook. Trouble is, I don't know what to delete, what to keep, and what to change. What a mess.

  8. alism
    Member
    Posted 4 years ago #

    You don't have to be a coder to use the self hosted version of WordPress, but it certainly helps if you're prepared to get your hands dirty and are willing to learn a bit about how it works in order to get the best out of it.

    If you don't want to bother with any of that, or if you don't want the hassle of keeping it up to date or managing it, then the WordPress.com version is for you. It's ease of use vs a more customisable blogging solution.

    But anyway...

    Start by downloading a fresh copy of WordPress:
    http://wordpress.org/download/
    ...and unzip it onto your hard drive.

    Then grab your wp-config.php from your webspace and save it onto your hard drive as wp-config-hacked.php (or something). Close it.

    Download another copy of the wp-config.php file and open it.

    In the unzipped fresh version of WordPress you've now got on your hard drive, find and open the wp-config-sample.php file.

    You should be able to fill in the relevant details on the wp-config-sample.php file, using the hacked wp-config.php file as your source. You should find the database username and password that you can insert (it goes in the "usernamehere" and the "yourpasswordhere" space).

    Then you can fill in the four Authentication keys lines, using this page - just copy and paste them into your wp-config-sample.php in the relevant space:
    https://api.wordpress.org/secret-key/1.1/

    Once you're done, save it as wp-config.php, then upload that to your webspace and see what happens.

    Phew.

  9. johncsnider
    Member
    Posted 4 years ago #

    alism,

    OK, I've downloaded and unzipped WP2.8.4 on my laptop. I've also saved the corrupted file to my laptop. Now, in the files I downloaded, there's no "wp-config.php" but there is something called "wp-config-sample.php." Is that the right file?

    Thanks,
    John

  10. alism
    Member
    Posted 4 years ago #

    ^^^ answered above...

  11. johncsnider
    Member
    Posted 4 years ago #

    Got it. Now...what's the deal with the code you said to copy for the four Authentication keys lines? What is that stuff?

  12. alism
    Member
    Posted 4 years ago #

    Good to see you getting curious... best way to learn. :-)

    Each time you load this page:
    https://api.wordpress.org/secret-key/1.1/
    ...it'll generate four random strings. You don't have to use it, you can make up your own if you like. It's just an easy copy and paste, that's all.

    WordPress then uses those random strings to encrypt cookies from your site. In a nutshell, it's a security thing:
    http://codex.wordpress.org/Editing_wp-config.php#Security_Keys

  13. johncsnider
    Member
    Posted 4 years ago #

    OK, I did it and now I can pull up my site.

    What's the next thing I need to do? Change my password?

  14. alism
    Member
    Posted 4 years ago #

    Yay!

    Yep, change your passwords. FTP and WordPress. Also check there's no extra administrators listed on the Users page when you log into your wordpress admin.

    Take a back up of your site and database.

    It would probably be good idea to do a complete re-install of WordPress too, just in case any of the core files have been altered aswell.

    Then read the links at the bottom of this page:
    http://wordpress.org/support/topic/307660?replies=1

    There's plenty of documentation on the forums about how to clean/check your site after a hack.

    Best of luck. :-)

  15. johncsnider
    Member
    Posted 4 years ago #

    Changed my admin password, made an SQL backup.

    Now, if I reinstall wordpress, is that just a matter of uploading the files I just downloaded an unzipped, then making sure the wp-config.php has all the IDs and passwords? Do any other files need to be modified for this to work?

  16. alism
    Member
    Posted 4 years ago #

    Pretty much.

    Delete the wp-admin and wp-includes directories and the WordPress files inside the root folder --- except the wp-config.php file that you've already done. Don't touch the wp-contents folder either.

    Then re-upload those files/folders you've just deleted with the ones in that zip (but once again, don't try to upload the wp-contents folder).

  17. apsara
    Member
    Posted 4 years ago #

    Many of my sites (on the same host) have started to show this oneline error:

    Parse error: syntax error, unexpected T_LNUMBER, expecting ',' or ';' in /home/sugardr/public_html/namaste.net.in/index.php on line 20

    Not all are wordpress sites. There are SMF+Simple portal sites and wordrpess site.

    How can there be sudden script errors on all sites? Suspecting server problem, I raised a ticket and the hosting guys have redirected me to their affliates who are specialists in 'fixing script errors'.

    Isnt this exploitation? Anyway. I will have to change host in future.

    But can any one help me now on what to do on this error line?

    I have ftp access.

Topic Closed

This topic has been closed to new replies.

About this Topic