CrissyUK

It worked on the EDD product page but it also disabled the comments on the blog posts.

Maybe it’s the theme I am using which is quite old but what I want. Sigh…

It was the plugin WP Total Cache that caused the issue during the upgrade. After deactivating the plugins folder and trying to access plugins.php it threw a few error lines with instructions on which files to remove from the WP-Content directory. Did that, upgrade was completed.

Phew!

Thank you for your help, much appreciated.

Cristina

No, I haven’t yet resolved it yet but you might have just given me an idea… maybe I need to deactivate the sidebar when the site is viewed in portrait on a phone. At the moment it’s being displayed at the bottom.

No idea how to do this but I am going to find out. ??

I am having similar issues too… prior to your latest update of the plugin whatever image or metadescription I set in your plugin worked beautifully on Facebook.

Now I have to go to the debugger and force a new “scrape” of my blog posts if I want them to look correctly when I post a link to them on FB.

Is there an easier way around this or some way that the plugin could request a new scrape whenever the post is updated?

Many thanks ??

OK, email sent a couple of minutes ago.

All the best,
Cristina

Hi, could you please PM me an email address that I could forward the file to?

I cannot contact you at that link as I am not a Premium member ??

Thank you.

P.S. For anyone else reading this, I have been using the plugin for the 3 to 4 years and it’s been absolutely marvelous in every respect. It just seemed to have been the target for that infamous hack which has since been resolved by Sucuri.

All the best,
Cristina

Thank you for getting back to me.

In this case the culprit was the plugin “SEO Adviser” that I installed some time ago. I never activated it so I decided to remove it to see if it was the backdoor and… bingo! Suddenly hundreds of spam pages that only a Google site search picked up on became visible in the pages menu and I was able to remove them.

What’s worrying is the sophistication of the hack as neither the free versions of Wordfence nor Sucuri picked up on the script or the spam pages. ??

Now here’s to hoping that they will leave me alone for a while. Ironically, when I only had a few html pages on this website I didn’t have these issues. Maybe it’s time to go back to basics… ??

Thanks again,
Cristina

Thank you for getting back to me Blade.

I spent 24 hours following all the tips in the guide and still I was unable to locate all the malicious files which were so deeply obfuscated that none of the free website scanners could find them.

In the end I gave in and paid the subscription to Sucuri. My site was escalated immediately but they eventually managed to clean everything up and secure the site.

Interestingly it appears that the malicious code was injected into the wp-includes/…/tinymce subdirectories but also into the wysija directory, in one of the css files.

On a different website the backdoor to creating hundreds of spam pages was kindly provided by the plugin SEO Adviser.

Lessons learned:

1. run a site search on Google on a regular basis.

2. being stubborn is a gift that helps me get ahead in life but in this instance it caused me to spend days trying to find something that I wasn’t equipped to find. Call in the experts and let them do their thing.

Thanks again for your help, it’s great to know that there are people on here willing to give up some of their time to assist people like me when we come a cropper with WordPress. ??

All the best,
Cristina