wanderer

I got an “Error establishing a database connection” message today out of the blue without modifying anything related to my website after the 4.5.1 update. In my case it was due to the remote MySQL server somehow going offline. Maybe it had nothing to do with 4.5.1. update, or maybe it did.

After that happened, I tried to log into either MySQL Databases or phpMyAdmin (in cPanel) and cPanel showed an error message: “The MySQL server is currently offline.” I waited 5-10 minutes and it came back online, and things resumed normally.

Try waiting a few minutes. See what happens first.

Still continues into WordPress 4.5.1…

Anyone notice this strange behavior?

Thanks Raam. I appreciate the time you took to check into the Wordfence source code to see whether their disabled features (when their Falcon Engine is activated) might also interfere with the cached environment in Comet Cache (if those features are left enabled).

To make sure I understood clearly: leaving these Wordfence features enabled is unlikely to cause issues with Comet Cache, even though it’s also a cached environment, correct?

Thanks for the hint. I figured it out. It was due to earlier in Custom CSS where I failed to make #inner wider, so the left sidebar was pushed down (cuz of making its width wider) when its right boundary conflicted with content’s left boundary. I had previously used position:absolute to get the left sidebar back to the upper left corner of the website — and it caused this stretching problem.

Everything’s fixed now. Although I can’t help wondering… how did position:absolute of the left sidebar mess up stretching at the bottom of the page? Does anyone know?

You’re welcome! One more suggestion before catching some shut eye (for real)!

With Adwaremedic (now combined with Malwarebytes Anti-Malware, a product by a well known company) — what you can do is this… if you have cPanel or something similar for your hosted website, go to cPanel > File Manager, compress a copy of all files into a .zip, download to your computer. Then extract the contents into a folder but do not double click or execute any of the contents. Use Adwaremedic to scan and clean up anything it finds in that folder (and your computer, just in case). If adware is found and removed from that folder, then you can put the remaining contents into a different .zip.

At that moment, put the hosted files (at the server your website is on) for oveya.com.au into a backup folder. Upload the .zip to the hosted directory it needs to be extracted at. Extract the contents. If the adware is now gone and everything on your site is fine, you can get rid of the backup folder. You still have its contents backed up in the first .zip on your hard drive in case things don’t turn out right. I hope that’ll solve your issue.

Others may have better suggestions. What Sucuri may have missed (especially if it’s better at anti-virus than anti-malware scanning), Adwaremedic may catch since it’s now merged with Malwarebytes which specializes in anti-malware. You can also take precautions (e.g. change WP login password and use Wordfence plugin) to secure your website against hackers and any further infection, in case that’s what happened.

I overlooked that it was just your website (in addition to overlooking the “unwanted popups” in the title). I think I’ll go catch some sleep. The others can help you for now. Good luck getting it resolved!

Sounds like malware, since popups from vosmangas.com is known adware.

Try using this on OS X to detect and remove it:
https://www.adwaremedic.com/index.php

I use Malwarebytes Anti-Malware on Windows and it’s one of the best out there. It’s also free. On OS X too. ??

If the popups are not something you want others seeing on your site, then cookies aren’t the real problem.

Again, what do these popups show exactly? Content or notices you want others seeing on your site? Or unrelated advertising / naughty stuff? The former might be a plugin issue, the latter might be a malware issue.

Might help to know details on those popups. What exactly are they showing?

OS X rarely has malware issues. (edit: I correct myself, that’s no longer the case. See this article.)

It’s possible your issue is related to cookies. I checked and your site generates cookies, but I didn’t see a popup. It sounds like the cookies are being cleared every time you clear browsing data, and the popups come back because the cookies need to be set again. See if your browser cookies have been set to “always accept”, and don’t clear them unless you need to for one reason or another.

Are you using Windows? Because if you are, you can look in “Programs and Features” (located in the Control Panel) to see if any programs installed without your approval.

Malware (including ones that trigger popups) often are installed when you download an installer .exe and choose quick installation instead of custom installation (to uncheck unwanted add-ons). Happens a lot with sites like CNET that bundle malware with programs.

Sybre, I was just looking around at SEO plugins and noticed your plugins. I’m looking forward to trying The SEO Framework once I have more content on my website.

The reason I’m commenting here is because I noticed that ron7789 gave you (what I thought to be unwarranted) 1-star reviews on your The SEO Framework plugin and this plugin. I have looked at your The SEO Framework plugin settings. You obviously work very hard on your products and I’m aware that a low rating can hurt the plugin’s position and reputation when there are only a few ratings. It’s obvious you give great support to your customers and remain positive, whereas there are many developers that rarely or don’t even reply in the review sections.

ron7789, if you see this, I think you can do better than this. If many other users are rating a plugin 5-stars and you’re the only one that gave a product 1-star (such as you did for The SEO Framework plugin and this one), maybe you should rethink the 1-star rating and see whether the problem is actually the developer’s fault or something that you’re not doing correctly or a plugin conflict on your part. Be fair and considerate towards others. This is a free product, after all. Think about adjusting the rating a little higher because obviously the developer is working hard and trying to help you with this here in the review section, even though the review section isn’t supposed to be a support forum.

Sybre, fortunately many people looking into SEO are smart people looking for ways to improve their website ranking. Chances are, they’ll read the comment section out of curiosity as to why there’s one low rating when there are so many high ratings. Keep up your good work (I already took a look at The SEO Framework settings and am impressed) and don’t let things like this discourage you. Once I have developed my website enough to give The SEO Framework a try, I’ll give a rating on it. Good luck.

@scott I agree 100% with you and the analogies you made. Still not sure what you meant by “good discussion on Twitter”, since from here it looks like you and Jan still have diametrically opposite points of views. ??

My point of view: I see security as a mathematical and probability thing, like you do. I don’t think it’s a good idea for anyone to assume that a revealed username is not a security flaw — however tiny of a security flaw it might appear to be with a strong password. If the username being revealed is not a security flaw, then (to those who share Jan’s point of view) tell me why hackers would even bother taking time to try to find actual usernames by doing this:

Briefly: if hacker types in yourdomain.com/?author=1 they get forwarded to a page listing all posts by the author with ID #1 (if one exists). The new URL has the username in it and any hacker can simply go from ?author=1 to ?author=10000 with a quick script and gather all usernames in your entire site.

Source: https://www.ads-software.com/support/topic/disturbing-login-hack-attack-using-real-usernames?replies=14#post-5691795

Now take that one step further. If you’re a big company, you have a database with thousands of users. There might be a user that has a weak password on your website. That might be the weak link. The hacker who successfully breaches that user’s password and breaks in can then inject malware that can spread beyond that user’s files and database. That’s one reason hosts (especially on shared servers) will quarantine / shut down the infected website when a hacker has broken in. Couldn’t this have been easily avoided if the hacker didn’t know the username when the password was a very weak one? If one user’s password is weak (and you can’t reasonably expect everyone to use a strong password unless a strong password is enforced), then it is a security flaw for the username to be known. This could’ve been easily prevented if the username was unknown.

Such as with this htaccess code, for example:

# Stop wordpress username enumeration vulnerability
RewriteCond %{REQUEST_URI} ^/$
RewriteCond %{QUERY_STRING} ^/?author=([0-9]*)
RewriteRule ^(.*)$ https://yoursite.com/somepage/? [L,R=301]

Source: https://www.ads-software.com/support/topic/disturbing-login-hack-attack-using-real-usernames?replies=14#post-5753890

Note how it’s called a “vulnerability”.

What may seem like a minor issue with just one user (especially a tech savvy one) can become a problem when several users (or even just one user using an easily guessed password) are involved. Two-factor authentication really helps, but not everyone uses it. Many users aren’t very computer literate and use weak passwords that can be broken via dictionary password brute force attacks. To protect these types of users from such a widespread method of hacking, it’s probably better to consider usernames revealed unnecessarily as a security flaw that could have be easily addressed. Only the administrators and the user himself/herself should be able to see the username in question. Why the public needs to know your front end login username associated with a password, makes absolutely no sense. That’s what display names are for.

Thanks doubleedesign! That was a perfect answer. I had about 50 tables in my database so I wasn’t sure where to check. Thanks again.

Then it’s likely there’s a setting somewhere that is misconfigured. Maybe you have other plugins that have control over redirects?

Flushing the DNS cache can still come in handy once you detect the misconfigured setting, if changing the setting alone doesn’t resolve it.