[resolved] My password-protected pages are suddenly no longer accessible (5 posts)

  1. rossmcm
    Posted 2 years ago #

    My password-protected pages are no longer accessible. When I click on a link, I get the password screen as usual, but the password does not work. When I press "submit" the password page reloads again.

    I've tried resetting the password, changing the password to no avail.

    I created a new page and assigned it a password - no go.

    (here's the link: href="http://www.cityofsailschorus.com/members-area/password-test-page

    the password is 1234)

    The site runs the default theme, and I have disabled all plug-ins.

    I'm not sure, but I have a strong suspicion the problem started happening after I upgraded to 3.5. The site was set up by a WP guru and I have sort of inherited the maintenance of it but I am fairly green on WP.

    Any suggestions appreciated.

  2. rossmcm
    Posted 2 years ago #

    Thanks Christine. It looks like this one: http://blog.sucuri.net/2012/12/website-malware-sharp-increase-in-spam-attacks-wordpress-joomla.html.

    What I'm curious to know is how these cretins get into the site. The hosting provider isn't interested - "it's your problem, not ours", though when this happened with another site I administer, I found that all the sites that were co-hosted with mine were also infected - I just checked the adjacent IP addresses, but that approach doesn't seem to work here.

    At first glance it looks as if only one file - header.php - is affected, though even after fixing that the site still seems to be broken.

    I'm currently getting a snapshot of the wp folders and will take a better look.

  3. rossmcm
    Posted 2 years ago #

    Hi again Christine,

    The site now reports as clean after the Sucuri scan, but the password problem is still with us. I also seem to have a rogue fragment of HTML showing in the header (if you look at http://www.cityofsailschorus.com/members-area/password-test-page you can see it just to the right of the "pole") so something is still screwy somewhere. I don't know where next to look.

    Thanks for your help,

  4. rossmcm
    Posted 2 years ago #

    This event turned out to be two problems. The first was the hijacking of my footer.php file by a link farm as described here. This didn't actually have any visible impact on the operation of the website that I can see. The password problem was due to the handling of passwords being changed between the version of WP I was running to version 3.5 (see here).

    I still have a problem where the markup for a slideshow is now not being parsed correctly and is resulting in the fragment of markup being emitted to the page, also I suspect related to the "upgrade".

Topic Closed

This topic has been closed to new replies.

About this Topic