janw

I’m still having this problem. I have installed the new version (had to uninstall it completely because the line 75 error was keeping me from even logging into my wordpress isntallation). My host did that for me a few days ago. After that, I tried to install from the WordPress store, only to get an error: Could not create directory. So I got onto my host again, they manually created the directory and the install went in.

—————–
Current problem: can’t activate. Get the line 75 error:
Warning: require_once(/home/janwhita/public_html/wp-content/plugins/wordfence/lib/wordfenceClass.php): failed to open stream: No such file or directory in /home/janwhita/public_html/wp-content/plugins/wordfence/wordfence.php on line 75

Fatal error: require_once(): Failed opening required ‘/home/janwhita/public_html/wp-content/plugins/wordfence/lib/wordfenceClass.php’ (include_path=’.:/usr/lib/php:/usr/local/lib/php’) in /home/janwhita/public_html/wp-content/plugins/wordfence/wordfence.php on line 75
————————-

I’ve left it installed, but not activated because it hasn’t blocked my WordPress displaying (which the first problem had), and I can log into my wp-admin.

I don’t have the virus checker mentioned in earlier posts, so that isn’t the conflict. What I do have installed and running under WordPress are: Akismet antispam and Wp-Statistics. Nothing else is activated.

For kicks, I deactivated Akismet, but get the same error message as above when I click Activate for Wordfence.

I love Wordfence (it fixed up some attacks that had been occuring) and we use the paid version on client sites (mine is the free version).

Help???

Hi @wfyann

Hopefully this is helping others. Sorry for going on, but I’m documenting as I try things. Hope that doesn’t break forum rules!

OK, I looked at the source code for theme 2012 and it doesn’t have the msdns.online prefetch line. As I documented before, 2012 does NOT spike CPU, but 2013 does, at least my version does.

I happen to manage a different website, installed 2013, looked at the source code, and that line of prefetch is not present. That site when 2013 is active does not spike cpu either. So I think that is the culprit.

If I delete 2013 from my files altogether via filemanager, can I then reinstall a clean copy? renaming it didn’t work.

Hi @wfyann

Found the problem, maybe. It’s in the head:

<link rel=’dns-prefetch’ href=’//msdns.online’ />

This is blacklisted in sucuri sitecheck data.

Is it possible that theme 23 is generating this code in the header?
And is it possible that code would cause the cpu spike?

Again, this is beyond me. Thoughts?

The problem is either the install of wordpress, which I’ve done several times now or TwentyThirteen theme. The TwentyTwelve theme does NOT result in this problem.

I nuked the problem files that Wordfence found and reinstalled WP again, just to be sure. This problem shows during or after the reinstall:

Warning: posix_getpwuid() has been disabled for security reasons in /home/janwhita/public_html/wp-admin/includes/class-wp-filesystem-direct.php on line 199

I’m now stumped.

Yippee!! Looks like changing to the different theme solved the cpu spike problem. Now to figure out how to get a new copy of TwentyThirteen.

Interesting result when I tried to uninstall;

Warning: posix_getpwuid() has been disabled for security reasons in /home/janwhita/public_html/wp-admin/includes/class-wp-filesystem-direct.php on line 199

MANY times repeated, then this:

Warning: Cannot modify header information – headers already sent by (output started at /home/janwhita/public_html/wp-admin/includes/class-wp-filesystem-direct.php:199) in /home/janwhita/public_html/wp-includes/pluggable.php on line 1216

Is there a manual way to uninstall a theme via filemanager?

Hi @wfyann

I deactivated all the plugins, none are causing this problem, unless just by their presence they are causing issues. I only was running aksimet antispam, wordfence, and wordpress importer.

I’ve been told it might be a crypto miner script, which is why I don’t see it having an effect in my mozilla because I turn javasript off as default, unlike chrome.

I’ve searched my wordpress public_html folder for coinhive, since I’ve read that this is common infection scripting, but it’s not showing up in my front page source code. You could easily look at the source code as well.

Is it possible my theme is infected? I’m using TwentyThirteen. To test this, I changed to TwentyTwelve. I’m also getting a TwentyThirteen is broken message. hmmm….

I notice the CPU spike doesn’t happen immediately. It takes maybe 5 seconds before it begins.

This may seem a silly reply, but have you looked at the settings for the plugin to be sure those functions are turned on?

Thanks again for considering. I asked the person who will be ‘president’ this year if he wanted access and he shuddered. :))

Also thanks for the exclusion of robot tip. I set that at 200 to avoid this problem in the future.

Thank you thank you thank you! I chose 200 hits in a day because I figured that would reduce the likelihood of purging myself who would have the most hits of anyone and it removed the one offending user. All graphs back to reality.

Update:
Reinstalled the theme (via an ftp connection, which allowed me to put the full folder in, then move to the right folder)

But now the Akismet problem is back for my login process. Went and grabbed a new copy of Akismet and replaced that. Login now works.

SO now I can at least disable crappy stuff. I must admit, things have been very stable until now. And now I have copies of the offending/semi-broken? plugins and themes that I can replace via ftp in a much more efficient way than with cPanel file manager.