Forum Replies Created
Thanks for replying. It’s your Analytics add-on, so I’ll check with the client whether they’ve paid for support.
Sorry, not going to be able to help test it further. Only had access to that site temporarily.
I’ve had this happen a couple of times.
Phone Google Ads support on 1-866-246-6453. Ask them to identify the problem. They should be able to email you a list of urls. They won’t be urls for your pages, they will be urls in the malware. But that will give you clues. It will also confirm that this isn’t a mistake on Google’s part: false positives happen occasionally.
Assuming they’re correct, and they usually are, you need to identify where in your WordPress install the problem lies. Could be a plugin, core files, the database, anywhere. Start by reading this: https://codex.wordpress.org/FAQ_My_site_was_hacked.
After you’ve done a cleanup, wait a day or two then phone Google Ads again to ask if your ads can run again. Don’t be surprised if they tell you there’s still a problem, because some malware is difficult to remove.
If you don’t already use it, sign up with Google Search Console. It can give you an early warning if there’s malware spotted.
You asked for full access. That’s your right as the website owner. It’s also the developer’s responsibility to warn you of any possible consequences and I understand their reaction. But it’s your right to insist anyway.
As the website owner, you should ensure you have complete control over your own domain name. You should also control the hosting. Time to get all your passwords in order. Quietly ensure you have full control, before any possible falling out with the developer. As Jan pointed out, if you have a complete backup, you have a lot less to worry about. If you also control the domain, you could move the website elsewhere in no time at all.
If you have a full backup, stored off the server, it’s also less risky to do a WordPress upgrade.
As Joy points out, if you have access to the hosting control panel, you can use the phpMyAdmin tool to remove your developer’s WordPress login and make sure you yourself have full permissions. BUT don’t tinker with that unless you have a full backup and you are confident you know what you’re doing.
Well, you have a lot of options.
There are page building plugins such as Divi and Beaver Builder. I have clients that love them because they feel in control of their own content to a greater degree. But the risk is that you get tied into using a plugin forever, and can’t remove it without disrupting the whole website.
Bear in mind that Gutenberg is coming, which is exciting but still work in progress, and it will offer new ways for your clients to build interesting layouts; and you will be able to create your own additional “blocks”. See https://wordpress.org/plugins/gutenberg/ but note that it’s still in development.
Or, if you put in the time yourself, and are able to assess your client’s needs well, and if they are happy to compromise a bit on possible layouts: then you could build additional templates into whatever theme you’re using. I find it helps if you’re using a flexible, well documented theme framework (my personal preference is StudioPress).
I would absolutely want cPanel and FTP access before working on a WordPress site.
FTP because that’s how changes would be implemented to theme and other files.
cPanel for various reasons, including fixing caching issues, PHP version, checking logs, accessing the database via phpMyAdmin, restoring backup files etc.
You should be able to give the dev their own FTP login, but often you can only have one login for cPanel.
To back up what Steve said, this is partly in case a mistake is made, or something goes wrong. I’d want to be able to fix it. I’ve been in the position of trying to work on code with only limited access, and it’s far from ideal.
This does of course, involve trust. Have a proper contract, make sure the dev has the right experience, make sure your backup routine is solid.
I’ve seen a website get handed over to a third party to do SEO work. Afterwards, the site loaded ten times slower and visits (and sales) plummeted. That’s probably rare, but there’s always a risk. I’ve also seen deliberate sabotage, and malware.
There are things you can do to minimise the risk.
1. Daily full backups.
2. Don’t give anyone access to your domain or hosting. If they need FTP access, set that up yourself then send them the login. That way you can’t get locked out of your own WordPress site, there will always be a way for you to get back in.
3. Keep a watchful eye. Install a plugin that tracks all logins and changes made (can’t recommend one, but know they exist)
4. Get legal advice. And insurance. Have a proper contract.
5. Choose your SEO company carefully. Ideally by recommendation from someone who can vouch for their professionalism. Never in response to a cold call or spam email.
6. If they’re going to have access to Adwords, Facebook etc don’t give them your login. Instead, add them as users.
7. Before and after changes are made, run speed tests on the website, and track your visit stats (esp bounce rate and page loading speeds).
When you move a website to new hosting, your WordPress username and password would not usually change.
You used [ redacted, support is not offered via email, Skype, IM etc. only in the forums ] as your email address, the same one you put in your message.
At the login screen there’s a link for forgotten password, just enter your email address until you find the one that works. You’ll receive a password reset link by email. Although I just did that for you, so you might already have received the email.
If you still can’t get in, you’ll need to login to your hosting control panel and use the phpMyAdmin tool. Instructions on how to use it: http://wpcrux.com/blog/change-wordpress-password-phpmyadmin/.
- This reply was modified 4 years, 7 months ago by Jan Dembowski.
Those links are really helpful.
Just to add that you should change the http to https in Google Analytics and Adsense, and also Google Search Console if you use it (and you should). You’ll lose no data.
And I’ve found the Really Simple SSL plugin to be reliable.Forum: Fixing WordPress
In reply to: Images suddenly have no URL or thumbnail, other issues
There might be two separate issues here, or a single cause.
Use FTP to check file/folder permissions on the server. Folders should be 755 and files should be 644. If those are wrong, could prevent media files being displayed.
You’re using some kind of big menu plugin? Is the problem with that? Or is the problem in the back-end of WordPress in Dashboard> Appearance> Menus?
Try switching all plugins off. Does the problem go away? If so, switch back on one at a time to isolate the offending plugin.Forum: Fixing WordPress
In reply to: Google Maps plugin that creates markers for each post
The plugin I’ve used and which I think meets your expressed needs, is
MapPress Easy Google Maps. It can create markers automatically from data in posts. Not sure about language.
The H2 doesn’t immediately follow the H1 on your pages (so far as I can tell). So how could you increase spacing between them?
There is no H1 at all on the home page.
Could you specify a page and a position on the page where you need to do this?
Looks like you already went ahead and upgraded, because you’re on the latest version.
It’s very unlikely to cause a problem so go ahead, especially if it’s only a minor rather than a major update.
But if you’re worried, simply make a full backup of your website first. If you don’t currently have a means of doing that, make that your first priority. Then at least you can roll back to how it was before the update.