authentictech

Thanks bro

I can’t be too specific but the last major thing I did a few days before I noticed the issue was update WP to 4.8.1. I am sure I would have noticed it before then but could have missed it just after updating. I only work on the site about once a week so, if it was due to anything I did, I’d have to put the start of the issue at around the time of updating WP.

I was wrong about it being related to rich text widgets because the same thing happens in page posts.

As seen here: https://www.drangeladams.com/facebook-members-temporary-test/

Thanks again!

• This reply was modified 7 years, 7 months ago by authentictech.

I’ve replaced the plugin with another but if you want me to create a page with the plug-in active I can do so.

@wnthne Your hosting control panel might have a feature for blocking IP addresses; otherwise use this:

<Limit GET POST HEAD>
order allow,deny
deny from X.X.X.X
</Limit>

Check and make sure that it is not something to do with https://developers.facebook.com/roadmap/

Facebook has made some changes to their comments system which may stop this plugin working properly.

This plugin may need to be upgraded but, as you can see, it has not been for a while.

Sorry replied to wrong post.

Thats’s OK. I can’t spend much time on it either as it is someone else’s site and I am not being paid to fix it. As long as the other plugin makes it work the owner is happy.

I thought this might be worth mentioning, as I had set up PHP logging and I found this entry:

[12-Feb-2012 19:54:13] PHP Warning: session_start() [function.session-start]: Cannot send session cache limiter – headers already sent (output started at /wp-includes/functions.php:3587) in /wp-content/plugins/si-contact-form/si-contact-form.php on line 1810

Could this be a problem?

P.S. If you’re curious, Mike, I can give mail you a login but, otherwise, no problem.

I used the WP SMTP Config plugin as the WP Mail SMTP plugin mentioned on your help page is not marked as compatible with WordPress 3.3.1. That has caused messages to now be sent.

I’m curious, assuming I did correctly try all steps on https://www.fastsecurecontactform.com/email-does-not-send would there be any particular issue that you think is likely the cause of this problem? The reply from the webhost (Servage.net) suggests they do not have any measures in place that could be deliberately blocking the form messages.

Anyway, it might be impossible to answer this without logging into the website but as it is working now I won’t take up more of your time with that option.

Thanks.

Thanks. I had used that page as a checklist previously to eliminate all the reasons.

I am just waiting to hear back from the web host about a few things.

I did also just deactivate and delete the plugin and then install a fresh copy with default settings but it didn’t send form messages either (although the FSCF tests worked with all 3 mailer functions).

I may also try WP Mail SMTP plugin. Then I may open a ticket if I don’t get anywhere with that.

Regards.

Your articles are stored in the database so you shouldn’t lose your content. To be on the safe side, do a database backup and your entire wp-content folder (which you can check for malware scripts after downloading them – a good A/V package should detect anything unusual).

You can also back up your wp-config.php file – it shouldn’t be replaced by a new WordPress installation but there’s no harm in being cautious.

Back up .htaccess to if you have made any changes to it. Then compare with the new one and re-add any changes you previously made to the old one (making sure they aren’t malicious changes added by the hacker of course).

Ah, yes, an extra couple of line breaks at the end of my functions.php file was the culprit.

Do you know why it only causes problems when using shortlinks? I’m kind of curious about the mechanism behind that.

Thanks a lot for your help, Kevin.

You will often find a malware script inserted into the HTML of the index.php page and surrounded by <script> tags like this:

#618404#
echo(gzinflate(base64_decode("<random characters here>")));
#/618404#

where <random characters here> is a long list of seemingly random characters.

The easiest option may be to reinstall WordPress using the Dashboard but backup your wp-content directory first and any other custom files. Then check your custom files for those script tags above (or similar) and delete the tags.

Then I strongly suggest changing your FTP passwords to prevent further infections.

You will then need to let Google know you have removed the malware so your website is not reported as malware any longer.

Hope that helps.

Thank you for being so open and responsive to feedback, one of the most of all plug-in authors I’ve encountered.

Thanks for letting me know. It’s working fine after the upgrade to 3.1.2.

Much appreciated! ??

Ah thank you. Sorry I didn’t read the FAQs.