The "No Dev Question is Stupid" Thread - Basic HTML / CSS / Etc.

[freshpeppermint]

Guys I got hacked what should I do to remove index.php? It keeps updating back to the old one.

 

[mmm91492]

Guys I got hacked what should I do to remove index.php? It keeps updating back to the old one.

That means some other file on the server is the actual source of the hack, and it's what keeps updating index.php. If you can access your WP Dashboard, install the Wordfence plugin. Run a full scan using that plugin and it will tell you which files are malicious and let you autorestore the original files.

 

[freshpeppermint]

That means some other file on the server is the actual source of the hack, and it's what keeps updating index.php. If you can access your WP Dashboard, install the Wordfence plugin. Run a full scan using that plugin and it will tell you which files are malicious and let you autorestore the original files.

I tried that, and deleted and repaired the old files but the index.php file still autogens. I even changed my panel login (this changes FTP logins). It still somehow gets updated. So yeah I am still lost. There's these .htaccess files in almost every folder

 

[mmm91492]

I tried that, and deleted and repaired the old files but the index.php file still autogens. I even changed my panel login (this changes FTP logins). It still somehow gets updated. So yeah I am still lost. There's these .htaccess files in almost every folder

Hmm in that case I would probably contact your hosting support to see if they can find anything. Having .htaccess files in different directories isn't uncommon nor inherently bad, depending on the contents of the file.

 

[freshpeppermint]

Hmm in that case I would probably contact your hosting support to see if they can find anything. Having .htaccess files in different directories isn't uncommon nor inherently bad, depending on the contents of the file.

My host said he can't do anything. I wonder what is causing autogenning.

 

[Ryuzaki]

My host said he can't do anything. I wonder what is causing autogenning.

You missed a file somewhere. It’s hiding in there somewhere, possibly in theme files or anywhere in the file structure. The best move is to change nothing at first and go through every folder and sort by the most recently edited date.

It’s too late for that now that you changed them all and screwed the time stamps around. But you know the remaining pieces are hidden elsewhere so you can at least root those out and then replace all the WP files at the same time.

Otherwise you need to either find something that can either scan the files or do a full, clean reinstall, including the theme. You can export your database and theme settings, even take an XML backup from Wordpress. Then backup your media files too and very carefully go over them to make sure there’s no PHP files hiding in there.

 

[bernard]

If you know when you got hacked, you can ask your host to restore a previous backup from before the hack, then make sure to update all plugins and themes.

Otherwise, you can pay someone to clean it up:

https://sucuri.net/ is who I've used.

I've also manually cleaned up a few times. The most important thing is to figure out what kind of hack it is. These are all automatic hacks that use exploits.

You find a hacked file by looking at timestamps like @Ryuzaki mentions and then you can find the code in it. It will often be obfuscated by a Base64 encoding, which you can decode somewhere like: https://www.base64decode.org/

Then when you have the code, you can put it into google and figure out the hack. From there you should be able to figure out where it got in and what plugins/themes to update etc.

After cleaning up files and plugins, you also need to clean the database. You can do this in PHPMyAdmin using the knowledge about the hack, you search for the string and can either do an autoreplace or manually change it.

Overall, just pay the $200 if you're not technical. Sucks to spend that money, but lesson learned.

Honestly, hacks these days are very rare for me, probably because the hosts I use are very good at keeping out hackers by IP banning and the like.

 

[bernard]

How would you create an Event in Google Analytics when someone is clicking a javascript widget that doesn't leave any outgoing event in Google Analytics in the first place?

I assume you have to figure out what the javascript event is in case of that (onclick something?) and then add some custom event on each page?

 

[socialpatterns]

Are you using c-panel? Maybe a cron job type of hack?

Here are some options:

1. Try to remove and clean your site: https://wordpress.org/documentation/article/faq-my-site-was-hacked/
2. Or use Wordfence / Sucuri Paid service
3. Start from scratch, new WordPress install (Export for all your posts/pages, etc)

Prevent in the future:
Harden your site: https://wordpress.org/documentation/article/hardening-wordpress/
Maybe even consider converting a WordPress site jamstack, unless you need a lot of dynamic functionality, etc.

 

[freshpeppermint]

Yo guys so my sites got hacked and I think I got all of it fixed but like you guys know what to do with like there's 100k or 1 mil pages indexed on search console. When I do site:mysite it shows japanese things but like when I click on these (even on a proxy) it sends me to my homepage.

Also is there a way to confirm/know whether the hack is removed or not?

 

[Ryuzaki]

Yo guys so my sites got hacked and I think I got all of it fixed but like you guys know what to do with like there's 100k or 1 mil pages indexed on search console. When I do site:mysite it shows japanese things but like when I click on these (even on a proxy) it sends me to my homepage.

Also is there a way to confirm/know whether the hack is removed or not?

They should not redirect to your homepage. You should be showing a 404 or 410 HTTP error code, period.

With a redirect it could be a matter of cloaking where googlebot sees the spam and humans see the redirect. I can’t say for certain. Look up how to view a page as googlebot. It’s easy.

Past that I’ve shared a ton of times about how to create sitemaps of the spam pages and uploading them temporarily to Search Console so you can get the 44 or 410 pages recrawled and dropped from the index. You can watch it occur in the Coverage Report.

Search the forum for “coverage report” posted by “Ryuzaki” and you’ll find tons of guidance.

 

[bernard]

If you're not tech savvy enough to clean up a hack, and most aren't, then I recommend paying someone like Succuri to clean it. They have a yearly insurance subscription model.

 

[illmasterj]

WP question: Does anyone know of a simple way to be able to use Gutenberg for Post Categories or WooCommerce Product Categories?

 

[freshpeppermint]

Yo what do I do to fix this? I tried lower crawl thing by setting it to low setting but siteground is still telling me this:

  Hits  IP Address     UserAgent

  ----- -------------- ------------------------------------------------------------------------------------------------------------

  63344  66.249.72.175 Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/ ...... e; Googlebot/2.1; +http://www.google.com/bot.html)

it's showing me that 3 of my sites are getting these high CPU usage. It's closing my entire hosting account. The weird thing is these aren't even the highest traffic site. I don't know what to do. Anyone know how to fix this?

 

[Ryuzaki]

@freshpeppermint, that seems to be a legit Googlebot, but why it would be hitting your site 63,344 times, I have no clue. You didn't post a time frame. You could block that IP address for a few days and see if it slows it down by unblocking it later. Siteground should be able to help you do that or you can look up how to do it in cPanel if you use it, .htaccess on an Apache server, etc. It should be a 3 minute ordeal to block it or at least put a delay on it (which you can also do).

 

[DarkRed]

Yo what do I do to fix this? I tried lower crawl thing by setting it to low setting but siteground is still telling me this:

  Hits  IP Address     UserAgent

  ----- -------------- ------------------------------------------------------------------------------------------------------------

  63344  66.249.72.175 Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/ ...... e; Googlebot/2.1; +http://www.google.com/bot.html)

it's showing me that 3 of my sites are getting these high CPU usage. It's closing my entire hosting account. The weird thing is these aren't even the highest traffic site. I don't know what to do. Anyone know how to fix this?

Put Cloudflare CDN before your server. It should help dramatically

 

[freshpeppermint]

Ok so my CPU usuage was very HIGH. The way I found fix was there was a plugin folder in my plugins. It was called "RevSlider". I deleted it from all my hacked sites and I guess the issue was fixed.

Hey can't I do this?

So with the hack, I believe all URLs have mysite.com/? <- it has the little question mark after. So can't I post this in Search Console just put in mysite.com/? and then select
Remove all URLs with this prefix.

Is this the right way/move or will this screw up my entire sites?

I did it. let's hope I did the right thing. (EDIT: There's like millions of pages I checked the coverage report but there was no way to make the sitemaps for all this pages. I am assuming I'd have to do this manually for every url right?)

Nvm I got it. I just followed this video, you don't even need to understand what he's saying:

 

[bernard]

ChatGPT sure is a helpful and knowledgeable tutor in coding. Stackoverflow can get lost lol.

 

[dimasahmad111]

Hello, Buso.

i wonder how those pages work, and how to develope it on wordpress. any suggestion how to create and detect location user searcher on google and display our pages based on user location that searching on search engine?

Thank you.

 

[Ryuzaki]

@dimasahmad111, this really has nothing to do with Google or searchers coming through a search engine. You can do this for any visitor and this isn't data you can fetch from Google on the fly anyways.

Since you're working with Wordpress you'll want to use PHP to capture data from the user. Here's an example of information from Stack Overflow (that I haven't tested or really reviewed but at a glance) that shows what's possible:

$user_agent = $_SERVER['HTTP_USER_AGENT'];  // user browser info
$ip_address = $_SERVER["REMOTE_ADDR"];   // user ip address
$page_name = $_SERVER["SCRIPT_NAME"];   // page they're looking at
$query_string = $_SERVER["QUERY_STRING"];   // what query they used

All you really need to do is capture the IP address and then send that off to some kind of API that'll tell you the country and city that the user is from. Basically, you send in your API key and some JSON that includes the IP address and request back their country and city. That might look like this:

$url = json_decode(file_get_contents("http://api.whatever.com/?key="userapikey"?ip=".$_SERVER['REMOTE_ADDR']."&format=json"));
$country=$url->countryName;  // user country
$city=$url->cityName;  // city

Again I'm just trimming crap I found on Stack Overflow, which is what you should use for further investigation. This should point you in the right direction. Now that you have their city name (or zip code or anything else you chose to get from the API) you can display it back to them. Hot moms in your area are waiting on you!

 

[bernard]

What's the best way to post on Wordpress using Python these days?

There is the wordpress_xmlrpc library, but it doesn't seem to be maintained has some deprecations that break it.

 

[Ryuzaki]

What's the best way to post on Wordpress using Python these days?

There is the wordpress_xmlrpc library, but it doesn't seem to be maintained has some deprecations that break it.

I was going to say that XML-RPC is the intended way, but I'm not aware of what problems are now in it.

I once had a bot built for a giant PBN where we used the Python "requests" library to log in and post everything, simulating clicks on elements and all that. It worked just fine. It was set up to iterate through a spreadsheet, adding content from cells, grabbing images from folders with the file name in the cell, adding alt-text, and so forth.

I recently coded something similar to this (fetching posts, not adding them) that logs in, grabs cookies and stores them (a critical step), and does the whole she-bang. I did this with PHP (with cURL) and Javascript, then did a lot of display stuff with HTML, CSS, jQuery. I only say this to say that it's all possible to do without XML-RPC in whatever scripting language.

 

[smithy]

Does anyone know how to delay the execution of Google Tag Manager without it breaking analytics, or know of some kind of workaround?

I can delay JavaScript Execution in WP Rocket, but it breaks my analytics.

Google Tag Manager seems to be the biggest factor affecting my LCP score, which only started failing after the March update, so I would like to fix it.

 

[Ryuzaki]

@smithy, I imagine delaying the entirety of the Google Tag Manager script itself wouldn't be good, but it can be done simply using something like Javascript's setTimeout function, though that's not that helpful because it'll be a static amount of time like 3 seconds, etc. You'd be better off detecting an event like "DOMContentLoaded" and then fire the Tag Manager script. This page talks about doing that.

Another thing is if you're using Tag Manager to load your analytics, facebook pixel, and a bunch of other stuff, what you could do is within the Tag Manager dashboard delay the loading and firing of specific scripts, the ones that are less important to you. This page has examples of how to do that. I'm not sure if that delays loading or just delays execution though.

It seems to me that having everything you're using Google Tag Manager for getting the data it requires is more important that improving your Largest Contentful Paint. Google claims that it the Page Experience metrics aren't "that" important (very minor factors). Who knows these days as they continue to contradict themselves.

 

[bernard]

That feeling when you try to build yourself a tool from the ground up because it doesn't exist and halfway through you realize that it doesn't exist because it is a pain to make.

Then go back and ask ChatGPT how to hack wordpress to sort of get it done.