Forum Replies Created

Viewing 15 replies - 1 through 15 (of 18 total)
  • It is an e-shop, and it seems to use an Arabic script. Does make sense for a Saudi Arabia TLD. Have you been infected once? Because Google doesn’t just randomly block any e-shop site, somebody must have reported it, and they manually review the report. Either somebody falsely reported your site as malicious, or your site must have been infected somewhat recently, and if you found it out before Google marked your site as malicious, then you’ll have to appeal. If you didn’t find anything, then it might be good idea to look for alternatives, if common WFAs couldn’t find any threats. If it is a false positive (meaning somebody falsely reported it), then you’ll have to explain to Google what your site is, it may be possible that the reviewing person doesn’t understand Arabic.

    EDIT: I received an email update for this post, and because it contains a link to a website marked by Google as malicious (I use Gmail), it sent it right into my Spam folder.

    • This reply was modified 1 year, 5 months ago by CZghost.

    Looks like your site has a theme that is using a different encoding than UTF-8. Seems strange, when UTF-8 is used almost everywhere and is de facto a standard in international encoding. One solution would be to edit the theme files so the included header charset meta tag says <meta charset="utf-8" /> or <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />. But this solution is rather temporary as with the next theme update, the charset change is lost. Another solutions are eighter contact the theme author that they seem to misconfigured the encoding of the theme, or chose wrong encoding and it breaks your site, or just choose a different theme. Seems strange since WordPress is using UTF-8 encoding and therefore themes should be in UTF-8 encoding as well.

    One another possible culprit may also be a browser extension that changes default encoding. Google Chrome from what I know by default doesn’t let you change encoding, it stricly follows what is set on the site, but if the site has wrong setting or has no setting at all, default encoding of the system is used, which in case of Windows is 8bit regional ANSI codepage (for Central Europe, it’s Latin-2, CP-1250, which is Windows encoding, rather than ISO). On Linux, that encoding is UTF-8. For example I am using Charset extension on Chrome, which I have set to implicit UTF-8 instead of system. It does break some pages that use different encodings than UTF-8, but it’s just a matter of changing it to the correct encoding. I have it because otherwise, when I’m exploring a web FTP directory listings that run on Linux Apache server (which returns UTF-8 encoded HTML), UTF-8 characters are displayed as two or more in Windows, since it uses system default instead, the HTML that’s rendered by Apache doesn’t have a charset specification, which I see as a big hiccup at the Apache devs end. Other browsers may have this feature built in (notably Firefox), so I’d check charset settings in your browser. Or, your browser is set up correctly, which means your site has issues. You can change your browser charset for that site to UTF-8 to correct these issues manually (on Chrome, you need an extension for this, which is what made me frustrated when I couldn’t find it anywhere).

    Also, howdy from Czechia, good to see a fellow here ?? Nazdar ??

    No, because I can’t even activate it. It turns out I need InnoDB MySQL engine to use Wordfence’s 2FA, and my website hosting doesn’t provide that for free hosting plan and 3rd level domains, which I am using. So I can’t even activate 2FA, because it doesn’t work on MyISAM engine. Well, turns out that even if this feature is free in Wordfence, it doesn’t always come out free somewhere else. Anyway, I’m planning on upgrading my websites to 2nd level domain and purchasing a Plus plan, which will grant me access to InnoDB engine as well, and as well having access to HTTPS finally ?? Yeah, my websites cannot even work with HTTPS because of free webhosting. Before I’m able to upgrade though, I need to get a good job so I could afford it in a long term.

    Thread Starter CZghost

    (@czghost)

    So, as it turns out, my hosting provider does support InnoDB engine, but only for paid subscription. I have free subscription of hosting, so I have only MyISAM available.

    I don’t need the two factor auth right now, so I’ll wait with it until I am able to upgrade. Thanks for help.

    Thread Starter CZghost

    (@czghost)

    My hosting provider is Endora.cz. I guess they’re not using InnoDB, they’re eighter using MariaDB or original MySQL for database server. The database shouldn’t be really the cause, because posts and such things are just fine, no error while saving drafts or publishing posts.

    Thread Starter CZghost

    (@czghost)

    From original reply (held on moderation, I don’t know if it is visible or not):
    Okay, so it seems that there is some issue with database, however I cannot find exactly the one you wrote. I get this instead:
    [posted log]

    The edits are because of backticks breaking it apart.
    I guess better read there: https://pastebin.com/U6wPDiCM

    • This reply was modified 4 years, 7 months ago by CZghost.
    • This reply was modified 4 years, 7 months ago by CZghost.
    Thread Starter CZghost

    (@czghost)

    Okay, so it seems that there is some issue with database, however I cannot find exactly the one you wrote. I get this instead:

    [23-Apr-2020 23:43:34 UTC] WordPress database error Table
    'czghost.myblog_wfls_settings' doesn't exist for query SELECT 'name', 'value',
    'autoload' FROM 'myblog_wfls_settings' WHERE 'name' = 'allow-xml-rpc'
    made by require('wp-blog-header.php'),
    require_once('wp-load.php'), require_once('wp-config.php'),
    require_once('wp-settings.php'),
    include_once('/plugins/wordfence/wordfence.php'),
    require_once('/plugins/wordfence/lib/wordfenceClass.php'),
    require('/plugins/wordfence/modules/login-security/wordfence-login-security.php'), WordfenceLS\Controller_WordfenceLS->init,
    WordfenceLS\Controller_WordfenceLS->_init_actions, WordfenceLS\Controller_Settings->get_bool, WordfenceLS\Controller_Settings->get, WordfenceLS\Settings\Model_DB->get
    
    • This reply was modified 4 years, 7 months ago by CZghost.
    • This reply was modified 4 years, 7 months ago by CZghost.
    • This reply was modified 4 years, 7 months ago by CZghost.
    Thread Starter CZghost

    (@czghost)

    I certainly know I didn’t whitelist my IP. If it did automatically, I cannot tell, but what I know for sure is that when the page was refreshed (with ot without logoff and logon), it reverted back to two factor auth setup, meaning that the two factor auth wasn’t actually set up.

    Whitelisted IP list is empty, and two factor auth isn’t set up. So tested it out again. I’ve set up my two factor auth, saved recovery codes, activated it using Google Authenticator and the code provided, all seemed well (it showed a confirmation message). Refreshed the page and it is reverted back to 2fa setup, meaning nothing has been activated.

    I guess it is worth noting I have Wordfence Free (no paid subscription), so maybe that thing doesn’t work for free users? But then it doesn’t make sense to let users set it up without any notice.

    Thread Starter CZghost

    (@czghost)

    Yes, of course. Nothing. So if it got catched by a spam filter, it might be automatically deleted by Google’s spam filter, not showing in my inbox at all.

    Thread Starter CZghost

    (@czghost)

    I think you misunderstood me when I wrote that update of themes or plugins doesn’t work. Themes and so on work just fine, but I can’t even update WordPress on my second site. I can use the themes, otherwise I’d get 500 internal error if some of used plugins and themes were faulty or it wouldn’t activate. Since I already deleted faulty plugins and themes work just fine, I guess that’s an issue on the hosting side. I’ll try to contact my hosting site and see what solutions they are going to offer. Maybe I am wrong, maybe not. The whole point is that WordPress was supposed to send instructions on what to do to e-mail, nothing showed up in my inbox. My WordPress installation knows what’s wrong, so I guess that e-mail would offer some tips to check if that’s the correct assumption. I’ll contact my hosting provider, because I guess that WordPress lacks necessary permissions for update and I need to solve that.

    Thanks anyway ??

    Thread Starter CZghost

    (@czghost)

    Oh, I almost forgot. I can’t even search new plugins to be installed (since I have to find an alternative to plugins I had to delete due to 500 error preventing me to access administration).

    Thread Starter CZghost

    (@czghost)

    Well, it’s up to you. This was just a suggestion, nothing to really deal with… Anyway, thank you ??

    Thread Starter CZghost

    (@czghost)

    Too late. I’ve already moved my blog to subdirectory using plain oldschool new install technique. I’ve backed up all plugins, files, themes, posts, pages and all data, and then did fresh new install and imported those files and data back. You know, I won’t leave my sites non-working waiting until someone suggests a plugin for moving blog site.

    Anyway, thank you for suggestion, may come handy in future ??

    Thread Starter CZghost

    (@czghost)

    To make things clearer: now WordPress úSES this piece od code to get user’s IP: $_SERVER['REMOTE_ADDR'] which gets buggy on proxies. To make sure server gets really user’s IP, it should be replaced with $_SERVER['HTTP_X_REAL_IP'] or $_SERVER['HTTP_X_FORWARDED_FOR'] if the site runs under proxy.

    Thread Starter CZghost

    (@czghost)

    From HTTP_X_FORWARDED_FOR and HTTP_X_REAL_IP headers. Developers that work with such things like PHP should know this… I say users that run WordPress under proxy server are now forced to download plugins that even do not work correctly. Someone should do something with that…

Viewing 15 replies - 1 through 15 (of 18 total)