WordPress.org

Ready to get started?Download WordPress

Forums

WordPress keeps breaking No clue whats wrong (58 posts)

  1. yo139
    Member
    Posted 6 years ago #

    Ok well I installed wordpress 2.5.x (whatever the latest is) like 3 days ago. I get it all set up with my theme and everything and it is just randomly breaking.

    The site is http://www.thegamerscafe.net right now the wp-admin page is broken but the first two times it happened the entire site broke. Whats going on? Its just going to a blank page when I go to http://www.thegamerscafe.net/wp-admin

  2. yo139
    Member
    Posted 6 years ago #

    Ok well its working for one account holder on my site but not me or my other account holder. What gives???

    But it wont let him log out

  3. syrupcore
    Member
    Posted 6 years ago #

    try backing up and then deleting your .htaccess file in your site's root folder.

  4. syrupcore
    Member
    Posted 6 years ago #

    do you remember the last thing you were doing before it stopped working?

  5. yo139
    Member
    Posted 6 years ago #

    Thats just it I wasnt doing anything. And now 2 of my writers can log in 2 cant even see the login page when we try to go to the wp-admin page.

    When you click that wp-admin link can you see the log in page?

  6. yo139
    Member
    Posted 6 years ago #

    Still doesnt work with my .httpacaccess file gone

    EDIT: And now it looks like the entire site is broken again

  7. syrupcore
    Member
    Posted 6 years ago #

    Make sure your wp-xxx folder permissions are set to 755
    Can you get to your database?
    Is all of the information in wp-config.php still correct?

  8. yo139
    Member
    Posted 6 years ago #

    Permissions are set to 755 and yes I can get to my database

    All info in wp-config is correct. It was working for a while too so...

    I did complete re install twice but it seems pointless this time. Id rather try and figure the problem out

  9. yo139
    Member
    Posted 6 years ago #

    Does this look right

    define('DB_NAME', 'wiilenet_thegamerscafe'); // The name of the database
    define('DB_USER', 'wiilenet_dark'); // Your MySQL username
    define('DB_PASSWORD', 'pword here'); // ...and password
    define('DB_HOST', 'localhost'); // 99% chance you won't need to change this value
    define('DB_CHARSET', 'utf-8');
    define('DB_COLLATE', '');

    I dont know what could have changed that though

  10. volcomkidd911
    Member
    Posted 6 years ago #

    bump, im the other holder

  11. volcomkidd911
    Member
    Posted 6 years ago #

    bump again

  12. yo139
    Member
    Posted 6 years ago #

    This is what its saying when I try to go to the site

    Most likely causes:
    You are not connected to the Internet.
    The website is encountering problems.
    There might be a typing error in the address

    Any clue what I can try? Please help this is making me mad now

  13. iridiax
    Member
    Posted 6 years ago #

    Just a few possibilities:

    • Your site is being hacked.
    • Your settings somewhere are incorrect.
    • A bad theme/plugin is causing problems.
    • Your web host/server is having problems.
  14. yo139
    Member
    Posted 6 years ago #

    1. I dont think thats hte problem the forums still work, my other site that is run off the same hosting still works and I am pretty sure the theme is good. Its called options, it worked for like 2 days before it went out (did this 3 times) I dont see what setting I could have wrong>

  15. iridiax
    Member
    Posted 6 years ago #

    Forum hacks and WordPress hacks may not be the same. Just because one WordPress site or forum site is okay does not mean that the other one is.

    To determine if the theme and/or plugin is the cause or not, switch to the default theme and disable all plugins to see if the problem goes away.

  16. yo139
    Member
    Posted 6 years ago #

    I cant thats the problem wp-admin wont work either

  17. syrupcore
    Member
    Posted 6 years ago #

    I think if you delete your other theme folders (backed up of course) wp will default to the "default" folder. If not, reinstall wp and don't install any themes/plugins. does it work?

    are you on dreamhost by chance? If so, localhost doesn't work.

  18. yo139
    Member
    Posted 6 years ago #

    I already re installed it like 3 times. It works but then ends up breaking in a day or two again.

    And I use cirtex hosting

  19. Mobster
    Member
    Posted 6 years ago #

    Did you look for any other ,htaccess files that are named something different?

    Like this .htaccess.addHandlerBak?

    Just curious.

    And another thing, Why the hell would a CMS like WordPress allow this type of activity? Clearly, by default, .htaccess should not allow someone to browse file like this.

    http://www.thegamerscafe.net/wp-includes/

  20. yo139
    Member
    Posted 6 years ago #

    There is a .htaccessbak

    What could that mean?

  21. Mobster
    Member
    Posted 6 years ago #

    If that is anything like mine, it overrides your admin privileges and allows the hacker to edit basically any file they choose.

    I'm not 100% positive but, I'm pretty certain that is not a default WordPress .htaccess file.

    I just posted this in another forum.

    I just repaired a major hacked site myself. It was a complete pain in my ass.

    Look for .htaccess.addHandlerBak or any .htaccess that doesn't belong there and delete it immediately!

    Because NOONE responded to any of my requests, I will only tell you what I found on my server. As you can see here HERE

    Your file changes look almost identical to mine and the hackers added files throughout my server that mirrored certain files in my directory but added a prefix to the file, Mine was fx_

    Through these files and the .htaccess.addHandlerBak they essentially had overridden my admin privileges and made their own through .htaccess. They also uploaded some sort of admin panel of their own (eval script) I believe, that gave them full reign of my main directory and mysql database as well.

    I would suggest backing up your current theme, database and completely delete ALL current files on your host and uploading a fresh install of WordPress 2.5.1.

    Be sure to double, tipple check your theme for files you don't recognize and delete those files before uploading to the server. Otherwise it's a backdoor for them to get back in.

    I also read somewhere to add an index.html file to your plugins directory to prevent hackers from browsing that directory. (A sort of dumb thing for WordPress to leave out in my opinion)

    Browse MySql wp_options / current_plugins for any suspicious looking code that pertains to uploads or .jpg images.

    Check all of your uploads in your current theme for any file you don't recognize and delete.

    Also, Look here , you might find a few things that help (even though It didn't help me much)

    Also, if your hosting company offers fantastico wordpress setup and you do a manual install. I found out that the old version installed on fantastico can be hack which compromises your current (up to date) installation.

    You might want to contact your hosting company to see if your server has been compromised in any way.

    Good luck.

  22. yo139
    Member
    Posted 6 years ago #

    The .htaccessback is suppose to be there I believe

    I just cant see it being a hacker at this point. Why would they want to jack up my site that I just bought the domain for like last week. My other site has been running fine through this whole thing and it is on the same hosting.

  23. Mobster
    Member
    Posted 6 years ago #

    I had a site, no lie, that was hacked within a week on a brand new server brand new domain, brand new install.

    I think they robot WordPress for it's vulnerabilities. I might be crazy but, that's the only way someone could have possibly found my new site that was hacked.

    Don't kid yourself by thinking WordPress is hackersafe. No matter how new the site is.

    I'd love to see that .htaccessbak file (edited for safety of course)

  24. yo139
    Member
    Posted 6 years ago #

    Here it is

    <IfModule mod_security.c> # Turn off mod_security filtering. SMF is a big boy, it doesn't need its hands held. SecFilterEngine Off # The below probably isn't needed, but better safe than sorry. SecFilterScanPOST Off</IfModule>

    SMF is simple machines forums which I run

  25. whooami
    Member
    Posted 6 years ago #

    The .htaccessback is suppose to be there I believe

    no, it is not. its a useless file, named as such, and regardless of how it got there, its not doing anything.

  26. yo139
    Member
    Posted 6 years ago #

    I know that I mean I dont think it was added by a hacker or anything

    I Just got rid of it

  27. Mobster
    Member
    Posted 6 years ago #

    Well... My file actually was some sort of redirect for the admin. It had a password associated with it that allowed the attacker to edit my files. Not sure about yours.

  28. yo139
    Member
    Posted 6 years ago #

    Seriously? What should I do now?

  29. whooami
    Member
    Posted 6 years ago #

    you havent described anything that is even remotely diagnosable. What do your error_logs say? If you dont have error logs, enable them.

  30. Mobster
    Member
    Posted 6 years ago #

    I changed my post above.. I don't claim to be an expert but, I was hacked and no one in here had any answers. I found the problems myself.

    Do you see any funny files in your recent uploads file? Do you use FTP?

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.