Support » Fixing WordPress » Unfixable 500 Internal server eror

  • EDIT – my first time posting here on the support forums, i see i used the wrong forum – i will go and repost on the correct one ( i do not know how to move or delete this post)

    My WP site have been running for over 5 years. Last week, i decided it was time for a new theme, and i played around with a few themes until i settled on Fabulous(?). I have also installed a few new plugins, including Classic Editor, Teost, and Yeost-No-Adds.
    My site looked beautiful, and i went out to dinner. When i came back, and wanted to edit one of my pages, i got the 500 Internal Server error. I strongly suspect that it was either the new theme, or the Yeost-No-Adds that boke it….

    I followed all the steps on these pages, as follows:
    1 – updated my wpconfig file
    2 – updated my htpaccess file
    3 – disabled plugings in my File manager by changing the filename to plugins.hold
    4 – disabled plugins in my SQL database by changing the option value
    5 – deleted the new theme from the file manager
    6 – created a new database on my SQL, in which i uploaded my backup of this afternoon, which i made just before going to dinner
    7 – reinstalled wordpress, including changing the wpconfig file to the name of the new database

    I am now at my wits end, and have no idea how to fix the problem, as it still persists, and i urgently need to update my page (i have just created a New App, whihc we are launching this week)

    Any advice would be really highly appreciated…

    • This topic was modified 5 months, 2 weeks ago by  watershare. Reason: wrong forum

    The page I need help with: [log in to see the link]

Viewing 2 replies - 16 through 17 (of 17 total)
  • @g0tr00t

    Thank you very much.

    It would be devastating if my /Training site is also compromised – everything still seems fine when i am logged into my wpadmin page (probably because i have it on a completely seperate server, although its with the same hosting provider), but i just ran the SSL Insecure content plugin there, and got this message:
    ——————————————
    SSL Insecure Content Fixer tests
    This page checks to see whether WordPress can detect HTTPS.

    Tests completed.
    Your server environment shows this:

    error
    bad nonce value.
    ————————————

    Do you have any idea on how i can fix it? And also how i can make a backup of my training site without copying the infections with the backup?

    Lastly, i made a backup of my services site just before the crash, and got a .json file to download, but i dont know what to do to use it to import into my new site, without copying the infections with it into the new site…?

    @watershare

    It’s actually uncommon for hackers to delete your database intentionally, so the good thing is that most of the time you can remove the malware and save the website.

    Unfortunately there’s not really any way for you to prevent backing up the malware along with the website files and database, but it’s better to go ahead and back it up regardless. You can always remove the malware or have someone else do it for you, but the most important thing is to preserve the content in a backup ASAP.

    I’m not familiar with full website backups in .json form. It sounds like it may be a partial backup. In order to do a full backup of your hosting account I’d recommend doing it through your control panel (not the WordPress admin area).

    And the SSL warning you saw isn’t putting you at risk. SSLs actually do very little (almost nothing) in protecting your website from malware. They exist to defend against eavesdropping and similar attacks, but they do nothing to stop someone from exploiting a vulnerability in a plugin or theme file.

    That said, it looks like HTTP content was loading on HTTPS pages, so that will generate errors as “insecure” content is being shown on a “secure” page:

    http://www.cbosss.com/services/wp-content/uploads/2014/04/AMD-300x200.jpg on https://www.cbosss.com/wp-newsite/community/
    http://www.cbosss.com/services/wp-content/uploads/2018/05/2015_07_12_IMG_1486-Large-300x200.jpg on https://www.cbosss.com/wp-newsite/customer-only-area/

    If you update those two images so they load from https: instead of http:

    I would also highly recommend installing Sucuri’s plugin and scanning your existing website with it. And if you could provide any info on where you obtained the “yoast_no_adds” plugin from then that’d be awesome as I would like to further investigate what it is actually doing once someone installs it.

Viewing 2 replies - 16 through 17 (of 17 total)
  • You must be logged in to reply to this topic.