parse error

You have a damaged/corrupted config file. I suggest you download and examine wp-config.php asap.

I wouldn’t know what to look for if I did examine it. What would I be looking for?

Sudden parse errors can be a sign of hacking.

What to do if you think you’ve been hacked:
https://www.ads-software.com/support/topic/268083#post-1065779

What do I do if I can’t log in? Visiting the site yields the error I first listed. So if I can’t log in as admin how do I even begin to fix the problem?

Finally, let me say that I’m no coder. I’m really just a user of WordPress, and lately it seems like it’s waaay too easy to get hacked. I already reinstalled WordPress 2.8.4 from the ground up and changed my password, but it still (apparently) didn’t fix the problem.

P.S. I was able to open the wp-config.php via my FTP Explorer, and there are a lot of spam links and other gobbledygook. Trouble is, I don’t know what to delete, what to keep, and what to change. What a mess.

You don’t have to be a coder to use the self hosted version of WordPress, but it certainly helps if you’re prepared to get your hands dirty and are willing to learn a bit about how it works in order to get the best out of it.

If you don’t want to bother with any of that, or if you don’t want the hassle of keeping it up to date or managing it, then the WordPress.com version is for you. It’s ease of use vs a more customisable blogging solution.

But anyway…

Start by downloading a fresh copy of WordPress:
https://www.ads-software.com/download/
…and unzip it onto your hard drive.

Then grab your wp-config.php from your webspace and save it onto your hard drive as wp-config-hacked.php (or something). Close it.

Download another copy of the wp-config.php file and open it.

In the unzipped fresh version of WordPress you’ve now got on your hard drive, find and open the wp-config-sample.php file.

You should be able to fill in the relevant details on the wp-config-sample.php file, using the hacked wp-config.php file as your source. You should find the database username and password that you can insert (it goes in the “usernamehere” and the “yourpasswordhere” space).

Then you can fill in the four Authentication keys lines, using this page – just copy and paste them into your wp-config-sample.php in the relevant space:
https://api.www.ads-software.com/secret-key/1.1/

Once you’re done, save it as wp-config.php, then upload that to your webspace and see what happens.

Phew.

alism,

OK, I’ve downloaded and unzipped WP2.8.4 on my laptop. I’ve also saved the corrupted file to my laptop. Now, in the files I downloaded, there’s no “wp-config.php” but there is something called “wp-config-sample.php.” Is that the right file?

Thanks,
John

^^^ answered above…

Got it. Now…what’s the deal with the code you said to copy for the four Authentication keys lines? What is that stuff?

Good to see you getting curious… best way to learn. ??

Each time you load this page:
https://api.www.ads-software.com/secret-key/1.1/
…it’ll generate four random strings. You don’t have to use it, you can make up your own if you like. It’s just an easy copy and paste, that’s all.

WordPress then uses those random strings to encrypt cookies from your site. In a nutshell, it’s a security thing:
https://codex.www.ads-software.com/Editing_wp-config.php#Security_Keys

OK, I did it and now I can pull up my site.

What’s the next thing I need to do? Change my password?

Yay!

Yep, change your passwords. FTP and WordPress. Also check there’s no extra administrators listed on the Users page when you log into your wordpress admin.

Take a back up of your site and database.

It would probably be good idea to do a complete re-install of WordPress too, just in case any of the core files have been altered aswell.

Then read the links at the bottom of this page:
https://www.ads-software.com/support/topic/307660?replies=1

There’s plenty of documentation on the forums about how to clean/check your site after a hack.

Best of luck. ??

Changed my admin password, made an SQL backup.

Now, if I reinstall wordpress, is that just a matter of uploading the files I just downloaded an unzipped, then making sure the wp-config.php has all the IDs and passwords? Do any other files need to be modified for this to work?

Pretty much.

Delete the wp-admin and wp-includes directories and the WordPress files inside the root folder — except the wp-config.php file that you’ve already done. Don’t touch the wp-contents folder either.

Then re-upload those files/folders you’ve just deleted with the ones in that zip (but once again, don’t try to upload the wp-contents folder).