RadiantFreedom

I recommend you try re-doing doing the migration with CMS2CMS. https://www.ads-software.com/plugins/cms2cms-joomla-to-wp-migration/

I’ve used them for both Joomla to WordPress and Drupal to WordPress migrations and haven’t had any issues like what you’re describing.

Regardless of whether you continue to use your own code, or the plugin, you will encounter some issues due to the differences in both platforms. So expect that you may have to reconstruct some contents, including your main menu or page contents. I always keep a backup of the old site whenever I’m doing a migration, especially between different CMSs in case I need to reference the original or repeat the process to recover from an error.

@sterndata – Thank you for your suggestion, that was actually the first place I looked, but seeing no sign of the developers there and other questions having gone unanswered for months on end, I figured it’s an abandoned plugin.

I may need to consider other options if we can’t as a community find a way to get that plugin working. I’m open to any suggestions the community may have. I really need to get my clients ads working properly on all platforms as that’s his main revenue source for his site.

I would like to thank the WP.org community in advance for any help, suggestions or alternative plugins that would do the same thing as WP Bannarize you can suggest.

Thank you so much for your help. I’ve been trying for days to at least ask my question.

@rvae – I suggest you try deleting all files on your website and find an earlier backup you can revert to. The hack may be coming from a NON WordPress file on your server. Also, you need to change all passwords associated with your website, including all admin WordPress logins, all Hosting account logins, all FTP logins, and maybe even your database login.

Or, if you’re worried about too much data loss, and have the budget, hire WordFence or SitLock security experts to do a full cleanup for you.

Regardless of how you kick the hackers out, as soon as you have access, install WordFence right away, and if you need to recover from a backup from before you installed WordFence, re-install it right away.

If you can afford it, SiteLock is a very good option as well. They ARE pricey but extremely good.

I know from experience cleaning up a hacked website can be VERY frustrating, and once they’ve broken in once, they’ll keep trying for some time to come. So you need to be prepared for that and have security in place to block them.

When I’ve had to deal with hacked websites, I’ve had increased hacking attempts on those sites for as long as a year afterwords.

@anevins – That’s a long article, and the reason I wrote it was because I kept having to repeat that same information and found it more efficient put it in an article to reference for people who need that extra help. I don’t know if the full article would even fit in a post here and even if it did, it would get both our sites in potential trouble with Google over duplicate content.

The thing to know about scans is they can tell you there’s a problem if they detect something, but if they don’t detect anything, that does not mean there’s not a problem, only that they didn’t detect any. Hacks and malware can be stealthed or a new variety that the scans don’t detect, and can be hidden for days, weeks, or even months. I had a client who’s website was hacked and the hack didn’t become apparent until about 6 months later. That was a monster project restoring 6 months of updates and blog articles for them when we did find the hack and had to go back to a 6 month old backup!

Did you make any changes just before this issue started, such as updating a plugin or theme, or the wordpress core? Were there any changes to your servers that might be affecting your wordpress install?

Also, can you check what account type you’re logged in as? some of the features may be disabled if you do not have the permissions to use them, so make sure you’re using an Admin account.

That could explain some of what’s going on, but the blank pages and non-responsive buttons may be coming from a different issue, but let’s at least establish a baseline of where you’re at.

This was most likely a random attack. First follow the steps recommended by @anevins to clear the hackers out of your site. If you have backups, be prepared to restore your website to the last known good version if all else fails. It’s better to lose a few days or even weeks of work then to let hackers have free run of your website.

Regardless of what you do, you’ll need to change all your passwords associated with your website, any of them could have been compromised by the hackers. If you need some help with how to make your logins strong I wrote this article on that [redacted]

If you have the money, WordFence can do a one time cleanup of your website for about USD 250 or so. Now that your website’s been hacked, it’s also likely been flagged by the hacker community as a vulnerable site, so expect more attacks in the coming months. WordFence is also a very good firewall which I install on all my client’s websites. It’s a plugin you install like any other, but adds security protections to your website that will make a repeat of this problem much less likely.

If you find you need a deeper level of security, I can also recommend SiteLock as well, who I use on my own website and I’ve been attacked by hackers but they have never been able to breach sitelock in the nearly 4 years I’ve used them.

Lastly, since the attack seems to have installed Malware on your site, I’d also recommend doing malware scans on your computer. I use Norton for my primary security, and MalwareBytes for secondary protection and scans. You can also try Hitman Pro, which comes with a 30 day free trial and I’ve used it with great success as well.

• This reply was modified 6 years, 6 months ago by Andrew Nevins.

Did you just add WordFence? If so, try disabling it and see if your issues still persist. If that fixes it, then it may be you got a bad install of wordfence and you might need to delete it and re-install it.

IF that doesn’t work, try doing the same for each of your plugins, 1 at a time. Then do the same test on your theme, by swapping it out for a free theme, say one of the default themes that normally comes pre-loaded on wordpress.

If you still can’t add any new users or use the Change Password Button, look for a backup of your website from before that problem started, and try restoring your site to that version. You may lose any changes you made in the last few days if you have to do that, so I’d save that for a last resort and make a backup of it in it’s current state just in case you need to go back to where you are now. If you have trouble making backups manually, you can install either of these plugins: BackupWordPress or WP All In One Migration. Either of those can make a backup of your entire website, including the database and files.

If going to a backup fixes your problem, then it’s likely one of your WordPress files got corrupted recently.

Also, confirm the account your logged in as is a Admin account. If it’s a lesser account it may be a permissions issue, though from what you described, it doesn’t sound like that’s likely the case here.

Try disabling the plugin “Disable Commends” and switching to another theme and see if the comments behave according to your settings.

If so, then it’s likely an issue with your theme. If your themes a free theme, you can post in your theme’s support subforum to get more help, if it’s a premium theme, you’ll have to go through your theme developer’s support system to get further help.

I just checked your latest article, the one on N Carolina wineries, and I’m seeing a bank of 3 pinterest images about 2/3 of the way down the article.

As for the other issue, another thing to look at are what plugins you’re using, it is possible one of them might be in conflict with your theme or another plugin or your current version of wordpress.

Try disabling your plugins 1 at a time and test if you can preview pages/posts after each one you disable. Once you’ve tested with it disabled, re-activate it and move on to the next.

To test if there’s an issue with your theme that’s causing it, try changing to one of the default themes and see if that fixes the issue. If you do find it’s your theme or a plugin, try contacting the appropriate developer for further support. If it’s a bug, they may be able to help you fix it or patch it out in a new update.

I think your main issue is with the definition of “Follow” vs “No Follow”.

First off, by checking the Search Engine Visibility box you’ve already accomplished what you wanted. Be aware that search engines may or may not honor your choice, but it will dramatically limit them indexing your site prematurely.

“Follow/Do Follow” means when search engine crawlers (bots) are indexing a site and come across a link, they will allow that link to boost the “Authority” of the page it goes to.

“No Follow” means the page that link goes to will not get any “Authority” from the page or site the link is on.

So basically this setting is you deciding if you want to share your website’s “Authority” with the pages you’re linking to. Usually it’s fine to let your page’s authority pass along to sites you’re linking to, but the No Follow option exists for times when you may not want to.

Now I’ve mentioned “Authority” a few times here and here’s what it means.

Google measures how much Authority a site has based on how many other websites are linking to it, and how “authoritative” those websites are. Google measures 2 types of authority. 1 for just the individual page in question, and 1 for the domain as a whole. Google calls these “Domain Rank (DR)” and “Page Rank (PR)”.

Moz.com also has a similar system they use to accurately approximate the authority ratings Google assigns to a website called Domain Authority (DA) and Page Authority (PA).

I hope this background information helps you better understand what’s going on with your website and Yoast SEO settings.

@motherofchaos3 – Are you useing SSL (website starts with “https” instead of the usual “http” for your website?

If so, try using the plugin “Really Simple SSL” which can fix most SSL related problems with WordPress.

EDIT: Just saw your new replies and checked your webiste, definitely no “HTTPS” there.

What level of user are you trying to post with? If you’re not logged in using an Admin account, you will be limited in what features you can use. Try making sure you’re using an Admin account and let us know what happens.

• This reply was modified 6 years, 6 months ago by RadiantFreedom.
• This reply was modified 6 years, 6 months ago by RadiantFreedom.

Given that the developers have’t updated this plugin in at least 2 years, I’d say they’re no longer developing it. You might want to try posting your support questions in the General WP forums as you may have a better chance of getting an answer there. Or look for a new plugin that does the same thing and switch over to that.

I wouldn’t expect any support from the plugin devs after all this time.

I’ve been having this problem for one of my client’s sites too.

In my case the issue started at the same time the host migrated to new servers and few other things on the website also broke at that time too, so I’d originally attributed the problem to that. Seems I’m not the only one having this problem. For me it started around February. The affected website’s hosted on TMD. The other websites that so far don’t seem to be having this issue are not hosted there.

@wwwolf – Thanks for this workaround, I’ll try it out.

• This reply was modified 7 years, 7 months ago by RadiantFreedom.