Support » Fixing WordPress » Site down, wp_error could not be converted to string…

  • Hi, this morning I’ve found my site down. The last editing was yesterday, and after that everything was OK.

    Now I have this everywhere, including the admin login page:

    Catchable fatal error: Object of class WP_Error could not be converted to string in /home/setarep/public_html/wp/wp-includes/default-constants.php on line 135

    The line it refers to:

    define( ‘WP_CONTENT_URL’, get_option(‘siteurl’) . ‘/wp-content’); // full url – WP_CONTENT_DIR is defined further up

    I read through the related topic, but none of the answers did help. Many of them does not

    I turned off the plugins from the database, but nothing has changed. (Plugins are still off.) Breadcrumbs are also off.

    I’m out of ideas, could you please give some help? The site is: http://setarepules.info.

    Greets

Viewing 12 replies - 16 through 27 (of 27 total)
  • Rob, I’ll express the same concerns to you that I did to klebercz, i.e., that your site may be compromised. You were wise to change your database password. I would also suggest you change your hosting provider control panel’s password, & I would recommend as well that you study your database & site content carefully for signs of a compromise.

    Hi Rob, thank you for the brilliant hint, it worked well, the site brights in it’s full glory. 🙂

    Here you can see the text I’ve found where the URL should have been:
    http://setarepules.info/kell/wp-option_messed-up-text.png

    For me it looks like some WP thingy, rather than some bad guys’ stuff, but this is just a guesswork.

    Jackie, thank you for the support, I took your advice and changed passwords everywhere.

    Have fun!

    Rob, maybe we could help WordPress to find out the bug (if any) by comparing our setup. I have

    Enigma Pro,
    Jetpack,
    Easy Heads Up Bar,
    Google Analytics,
    Sitemap for Google,
    WP Page Widgets,
    WP Post URL

    Failure’s back again. Now it was easy to fix it, but it would be nice to know the reason.

    Is there any way to lock this field in the database, so that nothing could overwrite it? I could not find an option like this.

    Well, klebercz, I’m really not at all certain that this is a WordPress issue per se. I’ve stated already that I believe your site may be hacked, & this tends to confirm that suspicion, though again, I can’t say w/100% certainty that this is the case. When url’s start to get replaced in the database w/weird stuff, I get very suspicious very quickly. The fact that this recurred suggests that, although you “fixed” the problem, the underlying cause has not in fact been addressed.

    I suggest you get a professional to take a look to determine the integrity of your site.

    Jackie, I would never claim that it was a bug, I’m way too lame for a statement like this. Just thought that there are a few WP users concerned, all interested about out the nature of this problem, whatever it is.

    The time of the two failures are pretty well known, so I asked my host to check what happened on the site in these periods of time. Anything he would find I will let you know.

    klebercz, the thing that’s interesting here is that, as I believe you’re aware, I’m trying to help both you & another site owner w/very similar if not identical problems. I’d like to find what’s causing this as well.

    It’d be interesting to know if the 2 of you run any common plugins, etc, though I truly do question, even if that is the case, whether they would be at fault.

    I wish I could get a look at the files & databases in question, but forum rules prohibit that. Frustrating, though the reason for those rules is thoroughly understandable. Nonetheless, sometimes I do feel like my hands are tied.

    I do have a niggling feeling that both sites could be compromised at the database level, but, as of this post, it’s not something I can either prove or disprove. Clearly if it’s not a compromise, then something is happening that needs to be brought to someone’s attention. That truly sounds like the understatement of the century to date.

    Unfortunately, a site compromise does not always show up in the site source itself. But whether the cybercriminal has visibly taken control of a site or not, the truth is that if the site owner does not have full & exclusive control of the site, it’s not a good thing.

    I have seen instances where a site’s database was compromised, but plugins designed to search out only file modifications &/oror rather narrowly defined database changes failed to alert the site owner.

    My own feeling at this juncture is that you would do well to consider treating this as a site compromise. I would sincerely advise you to backup your database, then change the passwords to your dashboard, control panel, & database. I would Also advise you to export all your content using the WordPress Import & Export plugin. Also back up all files to your computer, but label the backup as a possible hack. Make sure you have known good copies of any premium plugins or themes you’ve purchased. Then delete all files in your web root that were not put there by your host.

    Go through all your uploads & ensure that images do not contain code, as this can be a way that criminals gain entrance. Better yet, upload known good copies from your computer, & don’t use the uploads you backed up at all–it’ll save time & provide some additional insurance that the files are in fact good. Next, reinstall WordPress. Look through your .xml file prior to importing to ensure that everything looks correct, i.e., that there are no dodgy links, etc. Change your settings to be the same as the previous site’s. Reupload your uploads folder, then import the .xml file w/the WordPress Import/Export plugin. At that point, you should have a clean install of WordPress.

    Lastly, you may wish to ask that your host verify the integrity of files that it has placed on those portions of the server to which you don’t have access.

    If the problem arises again after that, then I think there really is a case that something is amiss, either in the WordPresss core (unlikely), or in 1 of the plugins or themes.

    I realize this is a lot of work, but at this point, I think it’s the only sure way, without securing professional services, to ensure you’re not dealing w/a compromise.

    Jackie, thank you for writing down all these advises, I’m trying to apply them one by one. I would be glad if you could take a look at my files, would happily send the access data (you see my e-mail). If it is against the forum rules, we might find a workaround. I could put the whole thing to another server, in a kind of sandbox, where it does not matter what happens to the files. I can even ask the host to give it open access, so you can examine them without logging in anywhere. I will come back to you as soon as the host or I find out something new.

    Hi,

    I am in the same case with my website (down for several time).
    I am interesting if you find the reason of this bug,

    Thanks,

    I had the same problem one day when I opened my website. I was scared because I did not know what to do.

    It has something to do with your database but if you follow the instructions from the link provided below, it definitely will get the job done trust me.

    See the link here https://www.msgdigital.com/catchable-fatal-error-object-of-class-wp_error-could-not-be-converted-to-string/

    I’m another one who has experienced this error. It first appeared a week ago, then again yesterday and again today. Does anyone have a solution to the underlying cause?

Viewing 12 replies - 16 through 27 (of 27 total)
  • The topic ‘Site down, wp_error could not be converted to string…’ is closed to new replies.