Always critical Errors

  • anstifter

    (@anstifter)


    11 months, 3 weeks ago

    Hey there. Every week or so, I have an issue with my Homepage. My Server Provider shuts down my homepage due to an critical error and I then have to restore from a backup.

    I work with Elementor and OceanWP. Everything’s updated. I really don’t have any clue.
    Those are the issues from the log:

    ……io/wp-content/plugins/ocean-extra/includes/post-settings/post-settings.php

    Scan vom 2025-06-06 00:59:07:

    /……io/wp-content/themes/oceanwp/functions.php

    Scan vom 2025-06-02 01:07:57:

    /…..io/wp-content/plugins/ocean-extra/includes/freemius/includes/fs-essential-functions.php

    Scan vom 2025-05-24 01:14:36:

    /…..io/wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php

    /…..io/wp-content/plugins/ocean-extra/includes/freemius/includes/fs-core-functions.php

    /……io/wp-content/themes/bottom-1747901528/hidden.php

    Can someone help? Thanks a lot in advance!

Viewing 1 replies (of 1 total)
  • Shahin

    (@skalanter)

    11 months, 3 weeks ago

    Hello @anstifter,

    Thank you for reaching out.

    I saw this path: /themes/bottom-1747901528/hidden.php
    This folder does not belong to OceanWP or any standard theme/plugin, which strongly suggests malware may have placed files in your theme directory.

    Regarding Ocean Extra plugin warnings, this: /ocean-extra/includes/freemius/includes/fs-core-functions.php and this one: /ocean-extra/includes/post-settings/post-settings.php; these might either be legitimate files being flagged due to modifications or, again, signs of tampering.

    To solve these issues, you can do the following steps:

    1. Scan your entire site for malware by using a security plugin like Wordfence plugin or Solid Security plugin and ensure to check obfuscated code.

    2. Reinstall clean versions of WordPress core, OceanWP, and Ocean Extra:
    I. First, back up your site
    II. Then reinstall the following from trusted sources:
    a. WordPress core via WP Dashboard > Updates > Reinstall
    b. OceanWP theme: https://ww.wp.xz.cn/themes/oceanwp/
    c. Ocean Extra plugin: https://ww.wp.xz.cn/plugins/ocean-extra/

    3. Inspect your server for backdoors, and check folders like: /wp-content/uploads/ | /wp-includes/ | /wp-content/themes/ for anything not familiar or oddly named. Also, if you’re using any nulled plugins or themes, replace/delete them immediately.

    4. Harden WordPress, and set proper file permissions: wp-config.php → 400 or 440, Other files → 644, Folders → 755, you can ask your host provider to check this for you.

    5. Keep your PHP version updated and use .htaccess or server firewall to limit access to wp-login and XML-RPC if not needed.

    For more information about these, please follow this link:

    FAQ My site was hacked


    https://developer.ww.wp.xz.cn/advanced-administration/security/hardening/
    Note: If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Please check your site again after completing these steps and let us know how it goes.

    Hope this helps.
    Best regards,

    • This reply was modified 11 months, 3 weeks ago by Shahin.
Viewing 1 replies (of 1 total)

The topic ‘Always critical Errors’ is closed to new replies.