I just upgraded to WP 4.3.1 on one of my websites. After upgrade (which seemed to go with no problems at all), I noticed that the layout of my pages has changed. There is a bar across the top of my page (not the admin bar) that wasn't there before. When I inspect the element there, I see a whole bunch of new code that is not being created by any of my plugins. And I cannot find the source of this injection in any of the provided php files. I have no idea where it is coming from, but I suspect that something in the WP 4.3.1 package has been compromised, or maybe there is a callout to a site somewhere that injects this code.
Anyway, this is a BIG problem and I don't know how to fix it.
I've copied the injected injected code below. It appears in all the pages on my site, right below the tag. Interestingly it can only be seen by "inspecting element" in the browser; page source does not reveal it (I've added some line breaks to make it more readable, but this is exactly what shows up in my page.
This same problem occurs on every site where I upgrade to WP 4.3.1. I hope someone can fix this problem IMMEDIATELY!!
Clearing cache, history & cookies doesn't resolve the problem. I can't tell where this injected code is coming from. Also, Google doesn't seem to be much help in telling me anything useful about http://kfc.i.illuminationes.com/snitch, which is one of the links that is being created.
Our site was infected, this is what we did to get rid of it
Thanks to this discussion which led me to a more detailed one
Connect via ssh to the server
Check the directory structure and find out recently created / modified directories
Check recently modified files for <script>. I found many files having JavaScript inserted which would connect to external sites.
As these calls were made on each page, I checked header.php in wp-content/themes/your-theme directory. (check the ones you are not using as well as that might be infected but may not show in radar)
You might also want to check footer.php for infection.
Re check file permissions on server as per WordPress Hardening guidelines on Codex
Delete unrequired ftp accounts in FileZilla (or its equivalent)
If you use any caching, delete entire cache.
You can verify if this worked using devtools network tab.
Related
I am trying to make a wordpress website wcag 2 compatible. I am running the test on achecker and getting the error that matchHeight-js is not unique. How can I determine and fix the problem? I am viewing the page source and i can see the 2 id's that are the same but don't know what to do with them. Here is the website link Here is the error I'm getting achecker error and here is the part of my code that is wrong faulty page source. Can someone please help me fix this problem?
It looks like a bit more than just two elements happening to have the same id.
It looks as though two parts of your system are loading the same jquery library, albeit with slightly different versions.
The first is the plugin primary-addon-for-elementor and the second is your site's theme, bizberg. One or other of them should have checked to see whether the library assets they needed were already loaded.
Do you have access to a test site and/or the plugins or themes directory or can you inspect your theme's files in the WP backend as administrator under Appearance>Edit theme [I don't advise doing this on a live site!]. It may be simply a case of removing one of the calls (the <script lines that load the library) so they don't get called twice.
Any info you can give on what access you have to the system would be helpful and we may be able to pinpoint the problem more directly.
Just recently, I have added Reactjs to my Rails application. However, whenever I reload the same .jsx file, but with different content (ie <h1>Hello<h1/> to <h1> Hello again<h1/>), the browser does not respond and update the view. I have tried restarting the server and reloading the page. I have also created a separate rails application, and I was able to recreate Furthermore,I have also pulled my partner's repositories to check if there were any file differences. There were none.
However, when I pull his repo, my browser updates the content, but it doesn't update it anymore afterward when I edit a .jsx file. It should also be noted that when I edit the content on a .jsx file, the view updates for him, but it doesn't update for me when reloading the page. Our files are the same, but only I have the problem. I have also toggled safe mode, but it didn't make a difference.
I am using Webpacker with Yarn on Jetbrains' RubyMine with Windows 10. Here is a picture of what the problem is:
The code vs the output
After a great amount of trial and error, the problem was with the IDE and where it was retrieving its settings and files from. I had a backup HDD that held old information on it such as my last projects contents. This was wiped.
I also managed to find old IDE settings in my "../users/%your_name$/.Rubymine2018.1". All old RubyMine settings were removed. I also reinstalled my IDE to give it yet another clean start. As far as I can tell, this has worked.
A big thanks to everyone who helped me in the comments!
I have been facing the same issue, and as I have tried to follow the guide provided previously I couldn't know where to start from.
And what I had to do is to run npm run build everytime I update my jsx in my component.
Due to the safety rules of the same-origin policy (SOP), i am unable to load certain local files when opening an index HTML-file directly with a browser. Using a "live-server"-plugin works fine, as all the files in that case are "on the same server". I need to distribute the website as a client-side only app - A folder and html file to be opened with your browser. Solutions to the problem always seem to require setting up a server. Is there any way to avoid that, and keep everything on the client?
I am making a mathematics e-book, that i want to distribute as a website people can download. I want it to be client-only and a download, since if it were to become popular, then i wouldn't be able to afford running the server (as i would be studying at that time). I have chosen html and javascript over EPUB, as they are much more powerful, and allow for tons of interactivity (and much more efficient development).
So far i have a browser.html file, that loads individual pages with JQuery .load(). This browser.html file has both html, and javascript. The CSS is in an external file. The individual pages have many pictures, that are also stored locally on the server. As the pages are contained in subfolders, the picture URL's go out into their parent folder, and into the assets folder, like: ../../../Assets/Chapter1/Talopgaver og intuition/Misc\F\solsystem.png. I use custom-elements (shadow-DOM) to handle various complex aspects such as questions, answers, along with certain other things too. Other than JQuery, i also make use of Math-Jax, and a "polymer" library that helps with cross-browser support of custom-elements. All the pages in a certain chapter are loaded in the start, and then put into a array (this makes it fast to scroll through pages as you often do in books). They (as strings) are each modified slightly to automate certain tedious parts of development.
I have tried to open the browser.html file on chrome, firefox, internet-explorer, and edge. They all load the html that browser.html inherently contains (properly styled even), but none of them load any external pages. Interestingly, one of the images used in the browser.html file still works (i would think that would be a local file too, not?). If have tried turning off calls to ajax or external CSS, but nothing changed. I have searched for other people with similair problems, but all the answers just reccomended setting up a server.
When loading the page with a live-server plugin, the result looks something like this:
browser.html page opened with "live-server" visual studio code plugin by Dey, Ritwick
When opening the browser.html page directly using chrome, it looks like this:
browser.html page opened directly with chrome
The error i get (after having removed an ajax .get() call) isn't particularily descriptive: simply "Failed to load resource: net::ERR_FILE_NOT_FOUND" from "platform.js:1". Even if turn off the call to start loading pages, it gives me excaclty the same error messages.
Looking at the network reports, with live server it looks very ordinary. without it's pretty weird. It says it takes hours to load browser.html, even though that clearly isn't the case. It fails loading platform.js, after using 22 seconds trying. The networks report looks a bit more healthy when turning off the call to load pages. It gives up loading platform.js faster (8 seconds), yet still supposedly takes hours to load browser.html.
Though it shouldn't ultimately be neccesary, i have linked the entire browser.html document below, along with an example of a page it might load (the example in the first picture above).
browser.html. Too big for a stackexchange code-block embed
Page in previous picture (page 37)
Any help is appreciated!
EDIT: Main problem seems to be the loading of pages using JQuery.load(). Even on a simple testing website that operation is just not possible without running on a server.
I am using Angular 1.7.2 in a project i'm working on. (I prefer Angular 1.x)
I am doing the bootstrap process manually (because i'm adding scripts programmatically).
But, I am having 2 issues with the manual bootstrap process.
I have to use a setTimeout, else the bootstrap never works. And my problem with this is, the more files I add to my project, the longer i have to make the timeout.
Sometimes when I load my web page or refresh the site, not all my components are loaded. If i monitor the network traffic, i can sometimes see that the html files are not retrieved at all. And there are no errors in the console or anything.
It seems to me there must be something happening in the angular.boostrap process that is failing or getting stuck, but i can't figure it out.
For my first issue, why is the setTimeout required, is there a way to not need this?
Second, why does my site not load sometimes?
Could it be related to the OS locking the files temporarily because of all the source control, anti-virus, other services running on my computer? If so, how can i tell?
I put together a test project with relevant code here on github
I previously thought this was related to the routing, but it's not (see here), But it seems not related to angular-routing after all.
Any information would be much appreciated, this is driving me mad.
Update 1:
I have the code running here on github pages.
Best chance to replicate issue is to use google chrome, enter url, open dev tools (f12), then actually load url. Sometimes, the page doesn't load completely.
I have updated the test website to better reflect my project where I add scripts dynamically.
I think i found the solution thanks to a comment by igor
I moved my app.route.js file to be loaded before any of my angular component and directives and from what I can tell this solves my problem.
I will update the linked sample project too
Today I found foreign JavaScript on my homepage along with a backlink to a website I don't recognize (although the backlink is not visible when viewing my homepage, they have positioned it somehow so that it is hidden but search engines still find it).
I was wondering how my Joomla website managed to become compromised? Is there any possibility you can think of? How can I protect my website from this attack in the future?
First of all which version of joomla are you using.?
There is some possibilities to hack the Joomla Version of 1.5.23 or some similar version hacked and some bad script attached in all js files or may be some rewrite url condition in your .htaccess file.
the best option to prevent the problem is Update your Joomla Version and change your admin and FTP Password.
There could be a number of reasons, a few things to check:
Are you on a shared server? Is it secure?
Has someone compromised your password?
Is your version of Joomla up to date?
Are you running any other PHP apps on your web server? Are they secure?
Just because Joomla appears to have been affected doesn't mean that it was necessarily the entry point for the compromise - check everything. Make sure you keep your software up to date. Disable anything you don't require to run your website. Use .htaccess to protect files and folders. Make sure your own computer is as secure as possible and patched and up to date. Make sure you are using the latest version of PHP.
Good luck.
I don't know HOW, but if you wanna eliminate it is probably it is in the index.php file, check there.
website root/templates/yourtemplate/index.php
Installed joomla extension (plugins, module, component and template) may also contain file which will be very unsafe and may perform dangerous file activity like updating, renaming, deleting and creating the file on your site.
So my suggestion is read the joomla forum and manage the permission of your file according to that.