There is no such file in WordPress by default. Site url?
Thread Starter
ddas
(@ddas)
It’s happening on both johnwatsondrums.com
Many hosts experienced problems due to mass attacks recently and may have limited access to wp-admin and/or wp-login.php as a result. Your hosts may be one of them. Try contacting them about it.
Why are you using an old copy of WordPress? Were you aware that your site is currently running a very real risk of being hacked? You need to upgrade WordPress asap.
Thread Starter
ddas
(@ddas)
I didn’t realize it was older. I run several sites, so I may have gotten a version or two behind on this particular one.
I think I can simply update WP via FTP, correct? By replacing everything with a fresh updated copy, except for the unique elements inside wp-content, correct?
That depends. What version of WordPress are you currently running?
Thread Starter
ddas
(@ddas)
That site is 3.6. (I assumed when you said “why are you running an older version” that you had examined it and seen it was on 3.6.)
I have no idea what wp-lc.php is, but recaptchalib.php is the name of the file in the Google PHP library for reCaptcha. Any chance your site was using reCapache on wp-login.php without using a plugin? I’d start by deactivating any reCaptcha plugins, if any, (though I still suspect it’s some sort of manual install), so you might want to check wp-login.php as well.
Did you contact your hosts about this?
Esmi’s question reminded me of something. Though we’ve quit using recaptcha ages ago, I have had clients who installed via cpanel. As I recall, it broke when the host did a php upgrade. Since this doesn’t seem WordPress specific, I’d follow esmi’s advice and contact your host.
Thread Starter
ddas
(@ddas)
I’ve contacted my host and am waiting to hear back.
I did try manually deleting all the WP files (except wp-content) and re-uploading a completely fresh copy of the latest WP (3.6.1) and that did not fix it. I also tried completely disabling my htaccess and php.ini files and that didn’t fix it either.
Interestingly, I have a main domain and several add-on domains inside the same account. I can log into WP in the main domain, but all of the add-on domains produce the same captcha error.
I am not using captcha on any of the add-on domains (that I know of — unless it’s embedded inside a plug-in somewhere).
After googling, I found a couple of scattered references to this error, and all the people who’ve seen it before seem to say it’s a PHP error, not a hack. I checked my PHP version, and it’s up to date. But it could well be related to my host or related to host-wide security problems.
Thanks everyone for your help…it’s not solved yet but I’ll update this thread if I do solve it. (I need to solve it somehow!)
