ctenos

I also lost the “Visitors” log page a few weeks ago, and really could use it. Anyone out there know if there’s an issue with plugin, compatibility with updated WordPress version, clash with other plugins?

I’ve been using a VPN – could that be a problem?

Thanks for any help!

Test page removed. In case anyone wants to see the result of Dion Designs’s guidance, it’s the top image here: https://fpond.org/flow/?page_id=111.

Thanks again to DD and the Forum, not to mention the whole WordPress team!

• This reply was modified 4 years, 11 months ago by ctenos.

Magic – thanks for this suggestion!

In case useful to someone else: I pasted the code into the Atahualpa theme options section “Add HTML/CSS Inserts.” Didn’t see any change. Adding it via Appearance > Customize > Additional CSS did the trick.

Again, many thanks!

Apologies; would prefer not to post URL here while having what might be security issues.

The .htaccess file is large (26kB, mostly blocked IP addresses) and may be too complicated due to multiple security plugins and a few others. Current active plugins:

Acunetix WP Security
AJAX Heartbeat Tool
All In One WP Security
Block Bad Queries (BBQ)
Disable Feeds
Email posts to subscribers
Heartbeat Control
iQ Block Country
Limit Login Attempts
NewStatPress
Popup contact form
StopBadBots
Wordfence Security
WP Cerber
WP-PageNavi

Only deliberate change in recent weeks was installing Comet Cache; that’s been deactivated, with no effect on login. I also tried disabling all plugins by changing the folder name, again with no improvement.

The WordPress site (call it WPblog) with login problems is an add-on domain (call it AddOn1.org) to a multi-site business hosting plan (call it MainDomain.com). There are .htaccess files in three places within the cPanel file structure:
– none in /home/maindomaincom
– 26kB in /home/maindomaincom/public_html
– 26kB (same file) in /home/maindomaincom/public_html/addon1org
– none in /home/maindomaincom/public_html/addon1org/WPblog
– small ones (ca. 500 bytes) in /home/maindomaincom/public_html/addon2org, addon3org, addonon4org, etc.

Should I disable one of the 26kB files? What is the best place to keep one for maximum protection?

Thanks for your help!

Thanks for all that, and wilco.

Much obliged for this help, James. I have renamed all of the .htaccess files in the line from site root (/home/maindomaincom/) down through public_html/domain2.com/blogname, leaving only the one in public_html/domain2.com (asterisks below). Is that what you meant by the domain’s root? Just for clarity, the File Manager tree looks like this:

– /home/maindomaincom
-.- /home/maindomaincom/public_html
-.-.- /home/maindomaincom/public_html
-.-.-.- /home/maindomaincom/public_html/domain1.com [a sinple static site]
-.-.-.- /home/maindomaincom/public_html/domain3.com [another WP install]
-.-.-.- /home/maindomaincom/public_html/domain2.com [index page for site]**
-.-.-.-.- /home/maindomaincom/public_html/domain2.com/blogname [WP install with issues]

And if it is correct, will that .htaccess also protect domain3.com, in a parallel branch of the file structure?

I have been using iThemes security (=BWPS) for a couple of years, but apparently it can’t handle whatever’s going on, or I have it configured wrong. Will add BBQ when I next regain access to my blog’s backend.

Most of the 57 kB .htaccess file is lists of banned IPs. However, there seem to be two redundant lists, of the form “Deny from aa.bb.cc.dd” and “Require not ip aa.bb.cc.dd” – and both seem to come from All In One WP Security. Can I safely delete one list?

Apologies for mis-statements made in ignorance – this all seems pretty mysterious, even with forums and web tutorials!

• This reply was modified 7 years, 9 months ago by ctenos.
• This reply was modified 7 years, 9 months ago by ctenos.
• This reply was modified 7 years, 9 months ago by ctenos.
• This reply was modified 7 years, 9 months ago by ctenos.

OK, everything working now. In case useful to others: it seems that cPanel itself has a 50 MB file-size limit for database uploads. (Mine is only half that when compressed, but perhaps cPanel can somehow sense its 70 MB unpacked size?)

So – set up a new empty database via the maindomain.com cPanel’s “MySQL Databases” function. Gave usernamepassword to host tech support. Uploaded OldDB.gz to maindomain.com/public_html/mydomain.com/blog, and unzipped it in place. Host techs were able to import it into new DB – which user can’t do in this shared-hosting system. Then changed username. Still didn’t work until host tech kindly added a custom php.ini with increased PHP memory_limit: again, something user can’t do.

So – A-OK, and thanks for help here.

Sorry; I have again been unclear. The new add-on “umbrella” domain, which I’m calling maindomain.com, is on a new/different server. Since I’m turning off all the old single-site hosting plans and putting all those sites as add-ons to maindomain.com, I have to move all the files to the new cPanel, under each old site’s name (maindomain.com/public_html/mydomain.com, e.g.). Then adding maindomain.com‘s IP address to the DNS listing for each domain registry, they all point to the new add-on domains. Moving all the HTML files/uploads worked fine for the index pages. But I apparently need to import (not just copy) the WP database into the relocated cPanels. And not sure how given shared hosting’s limit on upload size through the PHP and restore utilities.

Thanks for the above; this is where I’m confused. With add-on hosting, I don’t actually have to change either the domain name or the URL – just change the DNS settings on the domain-management page to the address of the new add-on domain site.

I did have to move all the files, from /public_html/blog on the old site (mydomain.com) to maindomain.com/public_html/mydomain.com/blog as an add-on domain. The index page (maindomain.com/public_html/mydomain.com/index.html) shows up OK if I put mydomain.com) into a browser’s URL bar.

But to get the blog to show, doesn’t the database need to be imported into phpMyAdmin, rather than just copied into some directory? Difficulty so far is that at 70 MB, the DB is too big to upload with either phpMyAdmin or Backup Wizard. (I’ve asked the shared-server host for temporary permission; waiting for answer.) I can upload the backed-up DB to the new site’s cPanel file manager via FTP, but have no idea how to get it installed properly since the phpMyAdmin and Backup Wizard seem only to be able to upload from an off-server source.

Am I missing something obvious? Lots of people must be moving separate domains to add-on hosting, so this can’t be new…

• This reply was modified 7 years, 12 months ago by ctenos.
• This reply was modified 7 years, 12 months ago by ctenos.

Much obliged for the thoughts, KStarcher. I’ve tried turning off most of the plugins (and deleting inactive ones) – *except* security stuff, since the attack rate is so high. And I don’t have a caching plugin. That didn’t seem to help.

My domain host kindly rolled the whole install back to an earlier date; I did have off-line copies of later posts, and was able to restore everything quickly. (Thanks yet again, Midphase!) As best I can tell, the public WordPress posts and pages now load just fine. But… When I’m logged in as admin, I still usually have to click “refresh” before a back-end page will load.

Does that indicate anything?

Thanks!

In case it matters, I seem to have several .htaccess files in various directories. Most of them are ca. 250 bytes. The one that’s the WP root directory (“public_html/blogtitle” – is that called the root directory?) is much larger, almost 300 kB, and contains all the blacklisted URLs, user agents, and a list of “Require not ip” addresses.

Should I delete all the other instances of .htaccess? Is that the best location for the big .htaccess file? Would moving it confuse the security plugins that use it?

Thanks for any help, and I hope this will be useful to others as well.

Can anyone please help? Now running three plugins with blacklist functionality; hope they don’t conflict.

I loaded the list of banned IPs into WP Security “Blacklist Manager,” iThemes Security “Banned Hosts” and IP Geo Block “Blacklist of extra IP addresses prior to country code.” Still getting multiple hits from banned addresses.

Latter two plugins change the formatting of copy-and-pasted wild-card blocks. E.g.,
WP Security “104.128.*.*” turns into
iThemes “104.128.0.0/16” and “104.128.0.0”
IP Geo Block “104.128..” and “104.128.0.0”

I didn’t find a guide to correct wildcard formatting on the latter two plugins, so perhaps need to re-enter all the blocklist items.

Any help in stopping these attacks would be appreciated. I don’t know if they can cause any harm, but they do fill up the NewStatPress visitor list and make it hard to track legitimate readers!

• This reply was modified 8 years, 2 months ago by ctenos.

Thank you for this, James – just the kind of information needed. The first company seems to be typical for pricing: high pice, hih srie. Was hoping fr someting muh heaper with just status-quo mintenance.

WP.com is looking like the best option. Issue there is that they don’t offer the Atathulpa theme, in use on several of the sites in highly customized form – ca. 200 modifications via Atahlpa’s versatile option menu, plus code changes. I guess if that person is able to get an acceptable appearance with some other theme, it might be worth making the change just to get use of WP.com hosting/management. And could always switch back a few years later.

Thanks again.

Easy to restore blacklist, too. Probably obvious to people in the know, but perhaps useful for relative beginners like me:

From a backed-up .htaccess file, copy the whole list of entries that looked like this

Deny from 110.80.77.105
Deny from 110.89.0.0/16
Deny from 113.119.53.0/24

into WordPad. Use global replace (Ctrl + H) to remove “Deny from ” throughout. Replace all “0/16” and “0/24” with “*”. Selectively replace all “.0” with “.*. Then copy whole list and past into Blacklist Manager IP address window. It will warn of any formatting errors or extra lines.

Thanks to mbrsolution for that link. Didn’t use it this time, but might need it in the future. May be valuable enough to get special attention in the WP Codex?

The PHPMyAdmin edit suggested by wpsolutions WORKED – YES! – THANK YOU!

I marked this topic as resolved. One last question, which may not be answerable as I didn’t save the deleted “options” line: Any idea which setting might have caused the problem? I will now activate many of the AIOWPS features, and wonder if there are any that might be most likely to have caused the issue. However, now that there’s a quick fix, I’m not worried.

THANKS AGAIN – what a great community of users and authors!