wnthne
Forum Replies Created
-
Forum: Themes and Templates
In reply to: [Virtue] Sidebar shows at bottom of pageI don’t know how I missed it before, but your kind explanation prompted me to re-check the HTML code once again. Lo and behold, I found an extra </div> tag, which was the source of the sidebar problem. Fine now, thanks so much!
I saw the video, but where do I find the sample page? I discovered that I must use the block editor in order to see the options shown in the videos. However, I could only see a way to switch to the block editor, I could not see a way to switch back to the classic editor in block editor mode. I had to go to Pages and search for the page, and then I could choose open in the Classic editor. Is there a way to switch back to Classic editor in block mode? Thanks!
I am trying out the free Kadence Virtue theme (Virtue Version: 3.4.13), and I have the sidebar stacked at the bottom of pages, but showing correct on posts. Is there a fix for this?
Forum: Fixing WordPress
In reply to: Server error alert: nav-menu-template.php on line 557// Ancestral post object. ( 'post_type' === $parent_item->type && ! empty( $queried_object->post_type ) && is_post_type_hierarchical( $queried_object->post_type ) && in_array( (int) $parent_item->object_id, $queried_object->ancestors, true ) && $parent_item->object != $queried_object->ID ) || // Ancestral term.The above code is from
wp-includes/nav-menu-template.php
The code is from line 552 (// Ancestral post object.) through line 561 (// Ancestral term.) I get server alerts perhaps every 3 hours. I can’t see how it is remotely feasible to test in this fashion. Is there another way to find out what the problem is?
Forum: Plugins
In reply to: [Heartbeat Control] not working for meI hadn’t thought of looking there. I see the menu now.
Thanks Jeff!Forum: Plugins
In reply to: [Heartbeat Control] not working for meThe plugin worked for me previously, but after i de-activated and re-activated the plugin it no longer shows up in the Tools menu. I tried deleting and then re-installing it, but there is no change. I just read an article by Jeff Chandler http://wptavern.com/how-to-take-control-of-the-wordpress-heartbeat-api and I am concerned because I am using HostGator. How do I get access to the menu?
Otherwise, please explain where I can manually edit the php file and set it to the maximum 60 seconds.
Forum: Fixing WordPress
In reply to: links with RK=0/RSThanks to all for all the good input. This works for me. It strips RK= and whatever follows.
# Removes hacking attempts from url, such as: /RK=0/RS=AYp9kgWwyL1Te5LIMYeMtv4cBVQ- RewriteRule ^(.*)RK= /$1 [L,NC,R=301]I chose
add-on-site.orgwith add-on domain in c-panel and it createdHome/public_html/add-on-site.org, not redirected.
When I go to subdomain in c-panel it shows
the root domain asadd-on-site.mainsite.comand document root aspublic_html/add-on-site.orgwith no redirection.The WordPress network dashboard shows two sites, one is
/and the other is/add-on-site/.I can see that when adding a site to WordPress, it automatically comes in as a subfolder and I want an add-on domain.
I admit I am confused. How can I resolve this?
Thanks.Ok. I tried with www in front and got a better result; now I am getting “Access denied”. So I am guessing there is a security code snippet in .htaccess that is preventing access. I will have to investigate that. Thanks.
Why do I keep getting this error when trying to view the sitemap generated by the plugin?
Error loading stylesheet: A network error occurred loading an XSLT stylesheet: http://mysite.com/wp-content/plugins/google-sitemap-generator/sitemap.xslGoogle webmaster tools reports that my site has no sitemap, even though I submitted it through the Google XML Sitemaps plugin. Please explain.
I had to revert to the sitemap.xml.gz file and submit it manually to Google through webmaster tools. I am now waiting to see if the site gets listed again.Thanks for the responses. Nice to know it is not the plugin causing problems! Webmaster tools reported a robots.txt error, which should now be fixed, but so far no difference in Google listing. Webmaster tools also reported a script “above the fold” which was slowing response time. The script was identified as “google_analytics_auto.js”, so I removed google analytics – go figure. I had someone peek at the site and they said there was, “Advanced pattern blocking in effect.” So I am looking for a backend tech pro who is an expert in .htaccess. I know this is off topic, but please just point me in the right direction. Thanks.
Another question is why does the hackers IP show a Chinese server when the IP is in Kansas? Does this explain why blocking IPs in china didn’t keep the hacker out?
100.199.78.125.broad.pt.fj.dynamic.163data.com.cnSee:
http://ip-api.com/100.199.78.125
So how can I tell what is real and what is fake? And how can WordFence tell the difference?
Thanks.I forgot to mention, there have been several “version 0.0” hits before the site went down.
I put the following code in .htaccess and I hope that will prevent any more of the CSS attacks described above (provided I get the site working again).
# Removes wordfence security vunerability RewriteRule ^(.*)unlockEmail /$1 [L,NC,R=301]It gets worse. It seems I have been hacked due to a known WordFence vulnerability. 🙁
http://www.websecuritywatch.com/wordpress-wordfence-security-xss-and-iaa-vulnerabilities/http://healingpetloss.com/?_wfsf=unlockEmail Http Code: 200 date/time: 6/7/14 10:20 AM 100.199.78.125.broad.pt.fj.dynamic.163data.com.cn Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31 Protocol: HTTP/1.1 bytes: 242 method: GETThe irony is I just signed up yesterday to be a premium customer and I specifically blocked all hits from China. How is it possible that the country blocking is not working? And why is the Cross-Site Scripting Vulnerability (apparently) not fixed?
Now, my website is inaccessible and I cannot log in to WordPress. I am waiting for my hosting provider to fix it. I have cpanel access, but I do not know how to verify the problem and fix it myself.Additionally, leading up to this attack was a series of attacks over a 48 hour period, see below:
An unknown location at IP 0.0.0.0 visited http://site 20 minutes ago IP: 0.0.0.0 [block] Browser: Yahoo! Slurp version 3.0 Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) An unknown location at IP 0.0.0.0 left http://sitepet/ and visited http://site 23 minutes ago IP: 0.0.0.0 [block] Browser: Chrome version 30.0 running on Win7 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.13014 YaBrowser/13.12.1599.13014 Safari/537.36 An unknown location at IP 0.0.0.0 lefthttp://site and visited http://site 23 minutes ago IP: 0.0.0.0 [block] Browser: Chrome version 30.0 running on Win7 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.13014 YaBrowser/13.12.1599.13014 Safari/537.36BTW, there have been dozens of these attacks with IP 0.0.0.0.
Please advise. Thanks in advance.I am no longer getting this error message, which makes me wonder if it was likely a problem on wordfence’s side that has been resolved. I have no explanation.