Archive

Archive for the ‘Wordpress’ Category

WordPress-Critical Error

March 5th, 2022 No comments

WordPress is usually a very reliable platform. However, I have had some recent issues with my installs due to an upgrade by my hosting provider, Bluehost.

The last thing you want to see when visiting your site is a critical error notice.

PHP Version

I had several sites go down because Bluehost upgraded the php version of their service. They did inform me, but the email went in my spam and I found it after the issues started. The email notice did not say: This update CAN BREAK your site, in large print, so I might not have worried too much if I had seen it.

It turns out that the php version is important. At a certain point, older versions cannot communicate with newer versions. Backwards compatibility is limited at major upgrades.

Our servers support PHP 7.2 and higher. PHP versions 7.2 and higher offer a significant improvement to speed and memory usage over past PHP versions.  — Bluehost

Now I know how to update the php version of my sites if I ever receive a notice like that again. These repairs cannot be done from inside WordPress.

This linked help (above) is specific to Bluehost, however PHP management is similar on any hosting site.  Every hosting company may have a different system, so it is best to contact your host and have them help you. Call Three to Bluehost, described in the previous post was when a helpful tech support technician fixed a couple of sites and then told me how to do the rest. 

However, even after that was done, I still had one site that did not function properly. I called the Bluehost help again. Generally, when I call support for big companies, I find I get faster service when I phone late at night because most of the clients are in North America. I live in PST, and the middle of the night is daytime in India where Bluehost support technicians are located.   

.htaccess file

It turns out that the .htaccess file for that one site needed to be updated manually. I looked it up and this file can definitely break your WordPress.

What is the default WordPress .htaccess file?
WordPress uses the default . htaccess file to store configuration information and handle server requests. For example, . htaccess can enable or disable many server features, including redirection of URLs, server signature, caching of files, password protection, and customized error pages. May 22, 2019 

Again this is a function that cannot be controlled by signing into your WordPress site. These files are located on the host site. Usually in my experience, after the installation, WordPress functions smoothly and I don’t have to re-configure these files manually. 

I am not sure why changing the php version affected the .htaccess file. However, my Bluehost support identified and repaired the issue very quickly.

Regular Updates in WordPress

Once you get back in your site, it is always good to keep your plugins, theme and core wordpress files up to date. There is less chance of a compatibility issue if you are using the latest versions.

If you are using a theme or plugins that have not been updated by the author in a while, you might want to change them. There are always many options with engaged authors who regularly update their work.

Running the latest version of WordPress, theme and plugins also helps keep your site safe. Vulnerabilities in older software do become known over time and can be exploited. Updated versions often repair these vulnerable areas to prevent infection with virus or malware. More on this in future posts as I continue to work to improve these aspects of my sites.

WordPress Hosting + Site Repair

March 3rd, 2022 No comments

Summary – If your wordpress site goes down make sure that your webhost has not altered your hosting.  I did and maybe still do, have some malware on some sites. However, my core issue was a PhP update that took my sites down.

Advice – Don’t throw money at the problem until you know what it is! Change all your passwords. Read the posting for my story and links to other posts that offer reliable help.

Process of Detection and Repair

My site went down and several of my other sites were affected. I contacted my webhost, Bluehost, immediately. I noticed a major reorganization and new graphic symbolism on their site after sign in. The control panel (cpanel) that I use to control any issues is now under “Advanced” at the bottom of the sidebar. The hosting now opens by default on a page for WordPress management.

Call One – First I asked if my site had been moved by Bluehost. Previously, I had issues when a reorganization moved my hosting to another server location. I also pointed out the redesigned site and asked if there were major upgrades. I was told that Bluehost had not done anything to affect my hosting.

I was informed that I had malware on my site and that a Sitelock scan could identify the issues. I was surprised because when Sitelock was introduced to me, I was told it was a constant scan to identify any malware issues on my sites. If anything was found, I would receive an email.

Now that I have a problem, the Bluehost support told me that the free version is limited. They can run a scan on request, but I would be responsible for removing the malware myself. She offered to email me the scan when it was complete. The tech was not sure if there was a real time scan at all. there was a sales pitch for the paid version. 

I will have to investigate Sitelock, “We secure websites by automatically finding and fixing threats”. So far, they are not inspiring confidence. It makes no sense for me to have to request a scan if they are “automatically finding” and the “fixing” is only in the paid version. I had a false sense of security because Bluehost told me I had Sitelock on my sites.

The scan would be an important tool. but I was still investigating the issues. I wasn’t sure that was the whole story as the sites were affected differently.

Repair One – Changed my hosting password. Noted that all the html pages were loading, but only the WordPress was affected.

Call Two – I contacted Bluehost support again with questions. This support individual apologized and told me that the scan could be found on my hosted files. Support technicians are not allowed to email clients.  Good to know. I found the scan using file manager from the cpanel. This individual advised me to download affected files to my computer and repair them.

No way would I ever do that. I am always careful with downloads and it is not advisable to download possibly inflected files to your computer. 

REPAIR Two – A Under the Advanced>cPanel>File Manager

Oh good it is still there. I found the Sitelock report and opened it, copied the text and pasted it into a text editor on my computer. The report is not in the folder public html so should not be affected. Even so, I am careful.

I saw a lot of PhP errors, but only a few traces of html malware. The ones I knew I could repair were code in html. I found them by using the power of the cPanel File Manager to search the online site for the offending code. I copied the code from the report into search and hit enter. Then I opened the affected file in the File Manager, removed the code and resaved.

Most of these files had been untouched for years according to the date listed. None of the repairs I completed fixed my sites.

REPAIR Two – B Check the internet for help – > The Medium

A super great post on the Medium. They advise having something like Sitelock but say:

A good security plugin would identify and alert you, in real-time, of all the changes made to your website. 

That’s what I thought was happening, but it did not work as advertised.

The Medium article advises to check core wordpress files. They give some methods, but I have Jetpack installed on all my wordpress sites. Jetpack is a plugin made by wordpress and they have a good article with advice on my problem.

Another option is to completely reinstall WordPress to ensure all core files are clean. You can do that via Dashboard > Updates, by clicking ‘Re-install now.’ It sounds scary, but this will only replace the files at the very core of WordPress and will not remove or replace any of your content, media, themes, or plugins.

If you are a member of wordpress.com, you can access your sites and scan them from your account. My site checked out with no malware in core files.

My wordpress core files are good.

Call Three – Late at night, I reached a technician who really knew PhP. She Knew that Bluehost had updated to PhP 8.0 Then she investigated and found my sites were still using older versions. She updated the PhP connection and my site works.

I still have some sites that were not repaired.

Repair Three – I am now changing the admin passwords on all my sites and checking some that I maintain, but do not visit regularly.

A representative of Sitelock contacted me by email and by phone about my malware issues. He told me my personal site has malware that is “phoning home” and causing reinfection, so I need to purchase monitoring and cleaning. 

It seems that any good technician could find the beacon that is contacting the infecting site and remove it.

I am not impressed by their lack of attention while using the free version and their slogan of “automatically finding and fixing issues”. My long experience shows that automatic is not the best. Why should I pay them so much for pressing “scan”, then “repair”?

I was amazed when he informed me that Jetpack and Akismet (now a part of Jetpack) may host malware. Certainly any file on a website can contain malware, but infecting these would be very tricky. As these plugins are made and supported directly by WordPress, it seems unlikely they would be the source of an infection. 

WordPress is constantly monitored by the best in the biz and I trust them. It seems more likely that a plug-in or theme would be the source.

I do not think I will be employing Sitelock as my core problem was PhP related. They saw the scan and most of the issues were PhP not a html infection. They did not suggest that there could be am issue with PhP compatibility. They just talked about signing up and the cost of plans.

They seem a lot more interested in signing up clients than fighting malware.

I did have malware on my site, but I am in the process of changing all my passwords and removing the unused themes and plugins. The individual who phoned me did not even recommend that I do that when it is Step One!

There will be another post as I continue to follow the steps outlined in the article in the Medium and on the Jetpack site.

 

 

 

 

 

Word Press Themes and Plug-ins

September 7th, 2009 No comments

Screenshot-Welcome to AdSense

My Tech Help blog is using the iNov theme developed by mg12. I am not sure that I will keep this theme, but I am investing work into it. After getting my feeds set up, I had decided that I was going to try Google AdSense on this blog. I finally got it to work using the WP AdSense plug-in. I also figured out that I can insert the code directly into the post by using the HTML option in the WordPress editor. The Google Custom Search still is not working properly.

I was warned that Google only allows three ad sections per page, so I now put in a “more” tag and paste the ad code beneath the tag. That way the ad on the footer counts as one and the code in the blog only displays when the reader opens the post.  This prevents exceeding the limit when the posts are attached one after another on the home page. Check it out. Read more…

Life and Times

May 30th, 2009 No comments

I want to dedicate this site exclusively to the technical details behind my daily work. This includes the Live More Lightly Project and Sound+Light+Motion, my own sites and work and many other projects that I am working on.  To increase the focus of the site, content will be constrained to contain all of the technical details of my computer/technology/opensource project development.

It is still in the setting up stage, but I hope that I will be able to provide some interesting content. I also plan to have the experts who give me Tech Help post here as they are specialists in their particular area and can have some helpful information. Read more…

WordPress Upgrade to 2.6.1

September 16th, 2008 1 comment

Using Fantastico in Bluehost I was able to smoothly upgrade my WordPress install this morning. Although WordPress urges me to upgrade to 2.6.2, Fantastico sees 2.6.1 as the latest version, so I cannot upgrade further at present. I also activated the podpress plug-in and some other multi-media tools. I look forward to exploring streaming content on my blog, both audio and video.

When I first installed WordPress, I had never administrated content management software before. The default is to install to the root folder, so that is where I put the program. Now, I am thinking about expanding the Live More Lightly Site to include a regular web site in addition to the blog, I find the root install is a problem. I have since installed and administer WordPress on other websites and it is just as easy to install to a new folder and link to the blog from the site menu. I would advise anyone installing WordPress to build a home page and put a link to the blog on that page. This will allow for easy site expansion as more links can be added to the home page and the blog will remain in the second-level folder where it was installed.

To avoid having to reinstall and reconfigure my site, I am constructing a Site Map page that will help to direct readers to the content they want to view and to the static pages that give information about the project. Many people find the three column layout confusing as there is so much information and different filtering options. The Site Map should help to demystify blog navigation and I welcome feedback when I get it published.

News Flash: The Live More Lightly Guestbook Page is now functional using the DMS Guestbook plug-in. Try it out, then I will know it works for sure.

SLR Camera – Image Capture

September 14th, 2008 No comments

Now I have had the opportunity to look through two examples of excellent camera technology, I find myself increasingly attracted to continuing the experience. The first time I held such a camera was at the Madu Sari gamelan performance, “New Javanese Shadows“when a friend of mine asked me to hold his camera. My first impression can only be described by referring to a Hindu myth often told about the young Krishna. For those not familiar with Hindu mythology, the incarnations of the god Vishnu are many, but this story is about his time as the human Krishna.

On one occasion, when Krishna was still a child, he revealed his true god-self to his mother by asking her to look in his mouth. When she complied, she was astonished to see the entire universe inside the mouth of her child. When I looked into that camera, I saw a glimpse of the infinite — I was astonished. The photographer who owned the magic box enthusiastically started informing me of the technical details in a language full of numbers that I did not understand. This machine may be described by numbers, as the universe can be modeled mathematically, but the impact of the revelation I had experienced created a bookmark in my mind that I return to in wonder.

My next reaction was more practical, as the Virgo reasserted her presence. If everyone had a camera like that, my opportunities for employment as a graphic artist would be seriously reduced. There was no noise in the image, it was balanced and in sharp focus. If the capture mechanism was as pristine as the view, the images would reflect a hyper-realism that would need few adjustments. My daughter later comforted me by pointing out that many of these cameras are owned by individuals who can cause them to malfunction and that composition skills are still required. Even the best images can benefit from layout, design and story, so my production skills will still be needed.

The term “multi-media artist” has often been applied to my skill sets in production. I know that if I am not being paid, I do music, music technology and saving the world. Some practical part of me knows that my time will not allow any more addictions. I am already being drawn away from my “Live More Lightly Project” too much by other musical entanglements. I have to complete a book prototype this month. Move on. Read more…