can't open file — only in wp-admin directory

  • wmconlon

    (@wmconlon)


    9 years ago

    Not quite sure of version. I think I have auto-update enabled.

    I last logged in and posted to my wp blog https://www.wmconlon.com (hosted on a linux vps) last November.

    Today I logged in successfully, but was greeted with a message “can’t open file”

    I can view my blog posts, and see the dashboard at the top, but links from the dashboard bar all give the same message. I have tried directly accessing a few other files directly, such as ../wp-admin/about.php but get the same “can’t open file”

    Nothing in apache error log that would indicate the problem.

    Another blog on the same vps [https://william_martin.conlon.org] running 4.2.4 is unaffected.

Viewing 7 replies - 1 through 7 (of 7 total)
  • David Uzelac

    (@daviduzelac)

    Are you sure that the host is allowing you to edit those certain files?

    I would as well check permissions to make sure that file is accessible.

    Clayton James

    (@claytonjames)

    That particular site is infected with SEO spam. Here’s where you will need to start for information on how to completely clean things up: FAQ My site was hacked ..And some info for after things are cleaned up that might help. Hardening WordPress

    [edit] it’s Version 4.3.3

    Thread Starter wmconlon

    (@wmconlon)

    @david
    Thanks. I wasn’t clear.

    I am not trying to edit any files within wp-admin. In fact, I have shell access and get to them all if I choose.

    My problem is accessing the admin system after I log in. I get the dashboard overlay on my public facing pages, but if I follow any link, I get the “can’t open file” message.

    Thread Starter wmconlon

    (@wmconlon)

    @clayton.
    1. Thanks for advising me of the version. The last manual update appears to have been on 11 Oct 2015. There is a new file ../wp-admin/update-core.php which was dated 2 Feb 2016. Presumably this was done via auto-update, since I didn’t manually update.

    2. The site certainly could have been hacked. I found a couple of directories with index.php files that are not human readable. Still investigating to see if I can find the problem.

    3. I followed directions to change password for the admin user, but that is not helping me yet. Still get the “can’t open file” message when I try to access files within wp-admin.

    Can you tell me what tools you used to identify infection, in case that helps me identify the root cause.

    David Uzelac

    (@daviduzelac)

    I’d definitely read the links of the Codex Clayton has linked you, you MAY need to start semi-fresh on WordPress install after backing up to ensure no core files are infected.

    Look into these plugins for looking for detecting such things, but it’s a better option to do a semi-fresh install.

    https://www.ads-software.com/plugins/search.php?q=infection

    Thread Starter wmconlon

    (@wmconlon)

    Thanks David and Clayton.

    I spent a few hours trying to identify which files had been hacked, but finally followed the directions to rebuild the site.

    David Uzelac

    (@daviduzelac)

    I’m glad, I hope you’re back up and running and have implemented some security measures ??

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘can't open file — only in wp-admin directory’ is closed to new replies.

Tags