Cannot Modify Header Info Error: opears.jpg? Adding www?

  • Resolved tsguitar

    (@tsguitar)


    5 years, 9 months ago

    Every now and again, this is the error visitors to my site get:

    Warning: Cannot modify header information – headers already sent by (output started at /home/edexp2/public_html/images/extra/opears.jpg(1) : eval()’d code(83) : eval()’d code(1) : eval()’d code(1) : eval()’d code:1) in /home/edexp2/public_html/wp-includes/pluggable.php on line 1251

    Warning: Cannot modify header information – headers already sent by (output started at /home/edexp2/public_html/images/extra/opears.jpg(1) : eval()’d code(83) : eval()’d code(1) : eval()’d code(1) : eval()’d code:1) in /home/edexp2/public_html/wp-includes/pluggable.php on line 1254

    I have no idea how a JPG can send out header information and I can’t figure out what opears.jpg is even used for. I’ve tried deleting that JPG but the error still shows. And just about the only pattern I can find is that it gives this error only when visiting non-www URLs on the site. So nextvista.org/contact-us might show this error, but https://www.nextvista.org/contact-us won’t.

    I think.

    There’s no way I can find to reliably replicate this error, which is one of the reasons why I’m having trouble fixing it. Sometimes it’s a problem and sometimes it’s not. A simple reload of the page makes the error go away… but I also think the reload moves visitors to the www version of the URL.

    I have .htaccess set to add www to all URLs, but I’m seeing that doesn’t always work: I’m still able to visit some non-www URLs without being redirected. I’m also not sure if I’m barking up the wrong tree with the wwws being part of the solution/problem.

    Any ideas? Can I explain things any differently? Need more detail? Let me know! Thanks so much.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    You’ve been hacked. Something is trying to execute base 64 encoded code.

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter tsguitar

    (@tsguitar)

    Oh my! What are you seeing that makes you think this is the case? I want to have some more detail to give my hosting company when I’m ready to have that conversation.

    Thanks for your reply! Anything else you can tell me would be helpful. Fingers crossed that it’s not too insidious or deeply entrenched.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    1. It’s intermittent.

    2. /home/edexp2/public_html/images/extra/opears.jpg(1 is not a proper WP file path.

    Thread Starter tsguitar

    (@tsguitar)

    Just an update to this, but it ends up that the opears.jpg was somehow redirecting visitors only in certain parts of the world. We had a few people say that our site was loading some kind of German exercise or health pill site.

    Anyhow, I installed Wordfence, Succuri, and a few other things, along with taking a few other measures, and that seems to have solved the problem. I ran each of those plugins and they gave me an idea of what I needed to do. It wasn’t too complicated and I ended up simply removing a line of code from one of the core WP files, a line that shouldn’t have been there at all. Wordfence did the best at telling me what was wrong, though Succuri is a nice addition to keeping the site secure.

    From what we can tell, now nearly a month later, out site is clean and I have a much better picture on who is doing what and when to the site. This has a happy ending, fortunately. So just in case someone else stumbles upon this, I hope this added detail of the final steps I took to solve this helps. Let me know if I can tell you anything else.

    Thank you, Steve, for your help here.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Cannot Modify Header Info Error: opears.jpg? Adding www?’ is closed to new replies.