Suddenly, WordPress is sorting my posts randomly, also changing the date

Green light — The core change was made by Raidboxes. Puuh, I′m so happy right now. But the date issue still exists *cry*

Not for nothing but Flywheel and WPEngine do not modify core files. I am still suspicious that there are core files there were not modified by Raidboxes. There is no reason your the date of your posts should be randomly changing.

The only file that should be modified is wp-config.php and there should never be files added to the core. If you or your host need to add files to make the server configuration work correctly the files should be added in a plugin not in core.

I’ll second that. If your host is modifying Wordpess core files, you should find another host.

Hey,

as I understand, they use some specific mechanism to help them installing some plugins (internal backups etc..). For now I trust them, because why I shouldnt? It′s a legit hosting company with some decent support.

But I can follow you, regarding the wordpress core. I don′t know how the other wordpress hoster handle this. It might sounds suspicious, but could it really harm my website?

Anyway, Raidboxes hosts my sites for 3 months now, but the “date” issue is maybe 2 weeks old.

Is there no way to see, which part of code is causing this issue?

Unfortunately, yes the code they added to the core could be insecure. If their code is insecure then it leaves holes and backdoors for bad guys to get in and mess up your website. That said, there could also be insecure code in your theme or a plugin you are using.

Your best bet at this point is to take a look at the “Other Resources” on the faq article I linked you to the other day and get your site cleaned up. This problem with the dates is definitely not normal and is definitely a sign the the site has been hacked.

Hey Davood,
I was on a short vacation (world youth day in krakow poland – with our pope and stuff). The bug still exists. Next week I will search and hire a wordpress developer to look at this issue. Right now I′m going through the “other resources”. Thanks for your help, man. I will update this thread soon!

Thanks for the update. If/when you do put out an advertisement to hire someone I would suggest posting it to jobs.wordpress.net. They will post it for free and developers will email you directly telling you what their rates are and how you can proceed.

One question: Have you any experience with the service from SUCURI?
They claim to “clean and repair hacked websites” for a reasonable price.
https://sucuri.net/website-security/malware-removal

WPengine seems to using them too.

Thanks, in the past I used codeable.io for theme developement. They are not cheap and after spending there a good amount of money, I got mixed feelings about them. They got some pro devs there but I will keep your suggestion in mind regarding jobs.wordpress

What I will do today is performing a file-permission check on my server. In the past I′ve changed some permissions without setting them back to the “original state”

Sorry, I do not like Codeable.io. I used to work with them but their business model is bad for developers and I stopped working with them as a result.

Where it comes to Securi. I have not personally used their service because I know how to clean sites myself without their service. However, I do know one person who used them and then had more problems a few weeks later. From what I heard from that person they fix the site but do not secure it from future attacks.

Sorry to hear this regarding codeable.io. At the frontend they represent themselves as the non-plus-ultra for wordpress devs. So much success storys and stuff..

Sucuri could be a pretty cheap solution to ged rid of the issue, but as always with cheap offers: The devil is in the detail, and I got no guarantee that they get it fixed. Because who knows for sure if this is a hack or just a malfunction from bits of my last deleted plugins.

For my next project I′ll consider to try Wpengine. They already got the Sucuri service included, so I save 300 bucks only for that.

Hear us soon

btw: I made a permission check and found this one:
root directory /home/wp/disk/wordpress/ 1775 instead of 0755

Should I change that to the recommended 0755?

The problem with my managed wordpress is, that I don′t know what they changed by themselves. I call them and get back to you..