planetzuda
Forum Replies Created
-
Thanks Eli. Sent you an email awhile back and never heard back. Hope all is well.
Forum: Plugins
In reply to: [Cookies for Comments] background info about latest security changeHi Yoav.aner,
Our company inspects plugins and themes. We noticed the security hole in cookies for comments, which Donncha quickly fixed, since he is a really good programmer and understands security. As far as we know no one exploited this hole, we just noticed it could be exploited.If you’re interested in security, let us know. We’re working very hard on that topic as we speak and are working on some more security tools we plan to release when they’re done.
errors, alerts, warnings, etc from PHP should not be shown on the site. That is a vulnerability in itself. A script is trying to increase the memory to 268 megabytes, which is above the default maximum memory limit of 256 megabytes. I retract my previous statements saying that 256 megabytes is too large to have as a default maximum memory limit.
The warning you are getting is suhosin trying to protect the server like jruberto mentioned a few months ago.
Forum: Fixing WordPress
In reply to: I am unable to view my blogI would like to explain a few things. Your website isn’t by wordpress nor is it their obligation to fix any issues. You are using WordPress’s code under the GPL version 2. Esmi gave you great advice that should fix the problem. Also, the error probably isn’t the error you should be focusing on. If you don’t want to use esmi’s advice, then you should at least look at line 71 of users.php and if the problem isn’t their do some more research. The problem may be on line 70, someone may have forgot to close their parantheses or curly brackets. I am telling you to look at line 71 because I went to your site and went to wp-includes/user.php and got this error
Fatal error: Call to undefined function add_filter() in /home/u237086156/public_html/wp-includes/user.php on line 71.add_filter is a normal hook in WordPress, so you’d need to do more research.
If you can’t fix the issue on your own, then you may want to hire a WordPress consultant. My company does consulting.I want to make it very clear that I never said a WP_ constant would stop a malicious script. All I was meaning to say was that a malicious script may use more memory. A non-malicious script can also use a lot of memory, but WordPress using 128 megabytes is hard to fathom. It must have a lot of plugins running and a huge theme.
RavanH, I just dealt with an issue like this 4 hours ago. It was complaining that it was the wordpress admin page, but it wasn’t. It was a camera plugin. The second the plugin was removed everything went back to normal. My gut instinct is telling me that this site doesn’t need 128 megabytes for the wordpress admin. I believe it is a poorly designed plugin. If it is designed to be a memory hog, then it probably has an exploit as well. Of course, these are only educated guesses on what I’ve seen and fixed.
I too am surprised that file.php is set by default to use 256 megabytes. Why would you want such a big plugin.. WordPress updates are never that big.
Forum: Fixing WordPress
In reply to: I am unable to view my blogYou want to get rid of that error as soon as possible. Hackers have a way via Google Search and other tools to detect those errors and attack sites, since they are super vulnerable. I am going to sleep soon, but I’ll stay up an extra ten minutes in case you need assistance.
Forum: Fixing WordPress
In reply to: I am unable to view my blogI fixed a problem very similar to this 4 hours ago for someone else. It was due to a plugin. If you have FTP access it is easy to fix.
Forum: Fixing WordPress
In reply to: Theme's Fancybox stopped working out of nowhere!Oy, there are a lot of exploits for lightbox. What version of wordpress are you using? Does it use uploadify.php or an old version of timthumb.php?
Okay, any plugin or theme that is using 128 megabytes is doing something very fishy. It was probably doing more than you could see. I’d love to read that code. Ravan, 64 megabytes should become the normal memory limit for WordPress in the near future.
Forum: Plugins
In reply to: Is there a plugin to put Year,month,day in URL? 2012/03/28/?thanks!