abletec

Glad it’s working for you now, inoobe. Please, if you’d be so kind, reply & mark the topic as ‘resolved’ so the other volunteers know you’ve been helped & can therefore move on & help others.

BTW, just FYI, I’m actually a mom, but you couldn’t know that. Have a great rest of your day.

When I go to your site & view the source in my browser, at the very bottom of the page, it says this:
“1066 125536 bytes batcached for 300 seconds” The 1066 is the source line number. The fact you have wp-super-cache makes everyone’s life a bit easier, though. Just go to the plugin’s settings, click on delete cache, then deactivate. There is some sort of tie-in between the 2 plugins, just exactly what I’m uncertain.

You’re running cache. Please clear it & try again. This is why providing a site url can be so very helpful. Thank you for doing so.

Hello, waynelee3d, & welcome.

Could you tell us please:
a) Is this a multi- or single site installation?

Could we please see your .htaccess files, if they exist, for both sites–& please let us know which site’s .htaccess file we’re looking at if it’s not evident. You may enclose the code in backticks, (), ie,

 line 1
line 2
line 3 

Your .htaccess files can be retrieved either from your hosting provider’s file manager or via FTP. Please let us know if you’re still unsure as to how to do that.

Hello, wpfed, & welcome. Those errors are actually likely not at all unrelated. For whatever reason, you’re getting database connection errors. These can be caused by a variety of factors–a database that’s too large, not enough memory, a site unable to handle the amount of traffic you get, a corrupted database, & others, as well as a combination of such errors.

Were I in this particular situation–& I have been in the past when diagnosing clients’ websites–I’d check to see if your hosting provider’s control panel has a page that lists most recent errors. Perhaps that might be enlightening. I would also browse through your WordPress folder & subfolders to see if you have any files called error.log or error_log. You can open those up in your hosting provider’s file manager or an FTP client, hopefully one w/secure file transfer capabilities to see if there are entries corresponding or in proximity to these errors. You may also wish to open wp-config.php in your file manager & change wp_debug from ‘false’ to ‘true’. Save the file, then do what you were doing to try to reproduce the error. You are advised that this poses a security risk, so change back to ‘true’ when you’ve finished. That might give you an idea, however, if a specific plugin or theme is causing the error. Sometimes it’s also helpful to try disabling all plugins & temporarily switching to a default theme (they begin w/the word ‘twenty’) to see if doing so resolves the error. If it does, then try reactivating the theme you had been previously using. If the site still works, then try reactivating plugins 1 by 1, each time doing what you need to do to reproduce the error, until the error recurs, at which time you’ve got a pretty good idea what plugin is causing the problem.

I would, in this situation, also go to your hosting provider’s control panel & run a check on your database. That may tell you whether the database is corrupted. There is usually also an option to repair it.

You may also wish to contact your host to see if they’re seeing any mod_security errors thrown by your site.

If you feel this is over your head, & your host won’t help, there is a job board at http://jobs.wordpress.net where you can post a request to hire someone who can help you. I was a bit disappointed you didn’t post a site url so I could have a look. It might also be helpful if you’d tell us whether you’re running shared, VPS, or dedicated hosting.

Unfortunately, yellowdressjen, it sounds as though your site has been compromised. I went to your ‘About’ page & actually saw the attempted redirect. so yeah–I’m pretty certain your site’s been hacked. The instructions I’m about to post are long. Please read them carefully & use them as a checklist, checking them off as you go. Please don’t hesitate to ask any questions you may have regarding them here. We’re here to help.

If this feels beyond you, you can post a job at http://jobs.wordpress.net . Likely ‘General’ or ‘Performance’ would be appropriate.

A resource you can go to is:
http://codex.ww.wp.xz.cn/FAQ_My_site_was_hacked

When dealing w/a site compromise, the objectives are twofold:
1) Fix the site; &
2) Fix backdoors that the hacker used to gain entrance into your site, so this hopefully will not happen again.

Most people place great emphasis on objective #1, but, in truth, the 2nd one is actually the most important, as, without it, your site will continue to be reinfected.

Here are the steps to take.

First, notify your host, as this might be a serverside hack as opposed to simply a site compromise. Also, if you’re on shared hosting, the hack has the potential to compromise the entire server. Additionally, you may wish to take the site offline, & your host can help you do this. They might not help you–then again, they might. You won’t know unless you notify them. If they say it’s not their responsibility, (& it really may not be), then please continue reading.

Second, scan any devices you will use to log onto your website for malware. It does no good to change credentials, etc., which you will need to do, if malware phones them home to their command & control center. It’s actually better to do more than 1 scan, each using a different program, as no single malware scanner can detect everything.

Third, secure your network. Definitively use secure FTP as opposed to regular FTP. The port used for secure FTP varies from host to host. Many use port 22, some 2222, while others use different ports altogether. Check their knowledge base or call their support. You can ask this question when you notify them of the compromise in the first step.

Never log onto your site using a public hotspot, such as those in hotels, cafes, etc. Make sure you’ve changed the default password, Ssid, (&, if applicable) the username on your router/modem. If you don’t use wireless, turn it off in your router’s options.

All these steps are required to ensure that no one can snoop your credentials, etc.

Now that the device you’ll use to fix your site, as well as your network, is secure, it’s time to direct your attention to actually fixing your site.

Next, please log into your website control panel from a secure connection and change all passwords, including those to any databases you may have set up. This includes your control panel/FTP credentials & your WordPress database. Also, change your salt keys as per the instructions in wp-config.php to log out all users. Please make the passwords long, containing upper & lowercase letters, numbers, & punctuation.

Next, take a backup of your website’s files. Be certain to label it such that the label contains both the date you backed it up on, as well as the word “hacked”–we certainly don’t want you accidentally restoring this backup! This can be helpful, though, in terms of perhaps being able to determine how this occurred, though my feeling is that it likely did so because of an outdated site. Probably you should just back up your web root. Depending on your host, it might be called public_html, htdocs, www, or /. If you don’t wish to back up the entire root, then at least back up your uploads folder, as well as others that might contain content that can’t be replaced.

Please also back up your database as well. The article at
http://codex.ww.wp.xz.cn/Backing_Up_Your_Database
shows you how to do that, in case you need it. The section regarding phpMyadmin is likely the most relevant to your case. It’s going to be necessary to search that database file to see if any evidence of the hack exists there. That can be done by opening the file in a text editor. To start off with, consider searching for the words:

<script
<? php;
base64;
eval 

preg_replace
strrev

This is not an exhaustive list, nor is the presence of any of these words conclusive proof of a site compromise, though some are more suggestive than others.

You might also wish at this point to backup your WordPress content. To do that:
* Log into your WordPress dashboard.
* Go to ‘Tools > Export’.
* Choose to export all content.

While in your dashboard, go to ‘Users > All Users’ and delete any users there that you don’t recognize, especially administrators. A WordPress account should never contain the username ‘admin’. If yours does, make an administrative account that does not contain the word (don’t forget to use a very strong password), then delete the old admin username account.

Also be advised that sometimes supposed image files can contain code, so open all your image files, particularly in your uploads folders, to ensure they really are images & don’t contain code. Better yet, if you have the images on your machine, replace files in the uploads folders with them.

If you find nothing, either in your database or in your /uploads folders, then the next step is to delete, then completely reinstall WordPress, as well as any plugins or themes you were using. I also advise creating an entirely new database w/a new user & password. You can then import your content into the newly reinstalled site.

Please also let someone knowledgeable look at your .htaccess file so they can make certain no backdoor code exists there.

In summary, here are the steps:
1) Back up your WordPress files, including core, themes, & plugins;
2) Back up your database using PhpMyadmin;
3) Look through the database to insure there is no evidence of the hack;
4) Search the uploads folders for image files that contain code;
5) Let someone knowledgeable look at your .htaccess file.
6) If you have doubts about your database, please have a professional take a look.

Hello, Gunny. Here is the error I receive when attempting to connect to http://www.neovets.org.

“The certificate is only valid for the following names:
gunnyret.com, http://www.gunnyret.com, mikebuilds.contractors, neovets.org, summitcountystanddown.org, americanlegionakron.org”.

What it’s saying here is that the www. portions of some of your domains are not included in your certificate. That may or may not be accurate, & it may prove worth investigating if the following is ineffective.

W/all due & extreme respect, that code in your .htaccess file is not the way I would proceed. I do think your first avenue would be to change your url settings from just https:// to https://www. The concept is a bit of a surprise to many, but www. & https:// (or http, for that matter) are different. Using both in the url includes both, if I make myself clear. If that does not work then, you may wish to include the following in your .htaccess file, *without the , which we use in these forums to enclose code.

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 

I would like to connect. The LinkedIn link was likely redacted, as private contact between forum participants is not encouraged here for fear that some may use this for commercial advantage. I will use one of your websites instead, or feel free to visit the website in my profile.