barnez
Forum Replies Created
-
Ahh, just checked the changelog for 4.8.2. No fresh errors have been thrown since 29/30 November, likely when the plugin was updated on these sites.
Thanks!
Thanks for reply. All three sites have the latest NF version 4.8.2 installed.
Resolved. Thanks for the suggestion.
To anyone reading, the server IP needed to be updated in Litespeed Cache >> General >> General Settings >> Server IP AND Quic.Cloud >> [domain] >> Settings >> Server IP.
If you restored the site from a backup, then it is likely that the vulnerability that allowed the initial hack is still present.
Make sure that all plugins/themes/WordPress core are up to date, change all passwords (WordPress/hosting panel/database), and update the salt keys in the
wp-config.phpfile to log out all users. Then, install the Wordfence plugin and run a high sensitivity scan.Also, have a read of the following resources:
FAQ My site was hacked
https://developer.ww.wp.xz.cn/advanced-administration/security/hardening/
The ideal approach is to treat this as a learning experience. Good luck!
Forum: Fixing WordPress
In reply to: I cant edit in my website due to some errorr@flogib Great to hear that those steps helped you get your site back up and running. Regular updates are key, but when you run into trouble with those, the trouble-shooting steps you went through are priceless to track down a conflicting plugin or theme.
Cheers!Forum: Fixing WordPress
In reply to: I cant edit in my website due to some errorrThe problem is usually a plugin or theme conflict.
Log into your hosting-provided control panel (e.g. cPanel) where the site files and database are located. In the file manager, navigate to the
/your_site/wp-content/directory. Rename thepluginsdirectory name toplugins-hold. This will disable all plugins. Now try and make some edit in WordPress dashboard. If the edits are successful, go back to the file manager and reset the plugins directory name toplugins. Now, enter the WordPress dashboard and enable the plugins one by ones, making sure to test whether you can still make site edits after each plugin has been enabled . Usually, you will find that one of these plugins is causing the issue. Then you can disable that plugin again in the file manager (set to/problem-plugin-hold/, and either (i) replace with an alternative plugin which does not cause issues, or (ii) contact the plugin author to report the issue and wait for a fix.If the steps above do not resolve the issue, try the same approach but this time navigate into the
/your_site/wp-content/themes/directory and rename the active theme to/active-theme-hold/. This will disable the theme and activate the stock WordPress Twenty-^ theme. If you can now make edits, then the theme is the issue and you can either (i) replace with an alternative theme which does not cause issues, or (ii) contact the theme author to report the issue and wait for a fix.Good luck!
Forum: Fixing WordPress
In reply to: PHP8.3 updateFrom the looks of the homepage on Themeforest, the Passage theme is no longer supported with updates (last responses 3 years ago). Your choices are (i) to stay on the outdated version of PHP and risk the associated security vulnerabilities, (ii) fix the theme’s compatibility issues with PHP 8.3, (iii) find someone (e.g. https://jobs.wordpress.net/) to fix these issues, or (iv) upgrade the theme to one which is regularly maintained (e.g. Kadence, Blocky, Twenty^). A few years ago I chose option iv and rebuilt five sites using a block-based theme. It was well worth the effort as the sites are more performant, have no compatibility issues with updates (PHP and WordPress core), and are future-proofed.
Good luck!
Thanks for the reply. I will follow this up with the host.
This raises concerns about the effectiveness of the free version—what’s the point of installing it if it leaves users unprotected for so long?
I think the point is that you either use the fee option and take the risk of not being protected against the most recent threats, or subscribe to the premium option and have peace of mind.
Forum: Fixing WordPress
In reply to: Enfold UpdatingI update the Enfold theme regularly for a site I take care of. This is a premium theme bought through ThemeForest. I get emails when updates are available, and then I use the link in the email to download the WordPress theme files only as a .zip file, upload that to the /wp-content/themes/ directory, rename the existing theme folder to /enfold-old/, and unzip the newly updated theme. Check there are no issues on the front/back end, and delete the .zip file and /enfold-old/ directory.
Forum: Reviews
In reply to: [Secure Custom Fields] Something the community neededFWIW all software either has or will have some kind of vulnerability. It is the nature of code. The normal process is to responsibly disclose this vulnerability to the developer and wait for their response/fix. The vulnerability that led to the Advanced Custom Fields being forked by WordPress required admin access to exploit, hardly a high-risk threat as once someone has admin-level access, the whole back-end is at their fingertips.
Thanks Josh. Updated, and working fine now. Appreciate the quick fix.
Forum: Reviews
In reply to: [Advanced Custom Fields (ACF®)] A rose by any other name would smell as sweetbut I do care about Open Source and that those who are seeking to make a lot of money off the back of Open Source software are actually contributing back to the Open Source community
As described above, they are contributing back. No company or individual who is involved with WordPress makes selfless investments with their contributions. Everyone who contributes to WordPress has a vested interest in its continued success.
Forum: Reviews
In reply to: [Advanced Custom Fields (ACF®)] A rose by any other name would smell as sweetHave a read here: https://wpengine.com/blog/highlighting-wordpress-innovation-contribution/
WPEngine has been been contributing to the open source community, in many different ways:
- Sponsoring WordCamps
- Running developer events
- Developing resources and support hubs
- Developing frameworks
- Maintaining plugins
I’ve never used them as host, and probably never will, but it seems highly disingenuous for this idea to be propagating that that are only on the take with nothing returned to the community.
Forum: Fixing WordPress
In reply to: Autoloaded Options _transient_dirsize_cacheHave a read here: https://core.trac.ww.wp.xz.cn/ticket/54221#comment:57