Thread Starter
H.T.
(@ht-2)
Deinstall and new installation of otce does not solve the problem.
Thread Starter
H.T.
(@ht-2)
Spooky. Error 404 is gone after deactivating Yoast SEO.
I try to reproduce the issue, but after activating Yoast SEO the error is still gone. Creating of new events is possible with no error 404.
The Top level event count issue is still present.
@ht-2
First, apologies for late reply. We’ve added support people and changed systems so we’ll be on forums more frequently.
Regarding the top level event count, do you have some in the Trash from testing? Or perhaps you have some caching? We’ve had some bugs before, but this count is the first we’ve heard of that. Let us know if that is still and issue.
Also, regarding the 404 strange with Yoast, but glad the problem resolved.
Thread Starter
H.T.
(@ht-2)
Thanks for replying this issue.
The Error 404 Problem is back. I turned off all PlugIns except WooCommerce and OpenTickets. Regardless the deactivating of all other PlugIns, the Error 404 came back. To resolve this i have to de- and activate OTCE. After a couple of hours the stored events ran into Error 404 again. Now WooCommerce schow in WP a note that i have to update my DB Tables. OK. Done. Note is gone. Tried to call the event. Error 404. De- and activate OTCE works. After a couple of hours, Error 404. Aaaargh. And the note is also back ????? Ok. DB broken? Incompatible? Installed WP on MySQL Version 5.5.48. WP want 5.6 but support my used Version. PHP Version is 5.6. Anyway, i decided to change the DB and PHP Versions on Monday.
But on Sunday the annoying issue grows up to a disaster. I received a couple of orders, cancelations and failed orders. Here some examples:
http://prntscr.com/ck4r8m
http://prntscr.com/ck4rmx
http://prntscr.com/ck4ruh
After that i found new items under the categorie events in the backend. In WooCommerce under Products and in WP under articles. They were not visible in the frontend. But to late.
Some of our users got e-mails with addvertisements. Official originator, my website.
Do you know something about this hack, exploit, overflow or whatever here went wrong with my install? I dont think that is only a problem with WP, OTCE, WooCommerce or my DB. I think it is a combination of all. For testing i turned off WooCommerce and OTCE, deleted all users to secure their data, and waited for a new attack. Nothing happend till now. So it seems there is a problem with my WooCommerce and OTCE install. On my WP install no user can post anything. No building of pages, articles or comments allowed. So the question is what was the door opener? For your information, i am not searching for a culprit, i only want to understand which issue is responsible for my problem and how to prevent the site against such attacks.
I will move my installation to MySQL 5.6.31 and PHP 7.
But is this enough?
Hope you can help me and others with similar problems.
@ht-2 It sounds like a WordPress exploit from some of your examples. It is unlikely, though not impossible, WooCommerce or OT has a vulnerabiility.
However, since both run on WordPress, and WordPress handles all authentication, and, with proper setup, all security of USer Accounts.
Here’s just a handful of possible ways to get in.
– Default WordPress isn’t uber-secure without using some Security plugins like iTHemes Security and WordFence
– SOmeone with priviliges could have a keylogger, which gave some hacker access by letting them watch your keystrokes to login
– the server itself could have gotten a remailer payload (from your example, this is likely)
– if you aren’t using HTTPS on your website, and are logging into Admin via http, that’s like using plain text. If you are on a wifi, someone can packet sniff that password
– if you permissions aren’t set right, someone could drop php into yoru install, often through the uploads folder not prevening php uploads
We can do a screen-share session to help you take a look and advise. If that is of interest, email info at opentickets.com and we can schedule a time.
@ht-2 we haven’t heard back on this issue, so you need further help re-open it.
