linglis17

Just wanted to give an update. It was not the WP-Optimize (even though it shows tons of errors on the error log since adding and paid version) but it is a RankMath plugin. I didn’t notice this previously when deactivated plugin. Today, I checked .htaccess, malware/corruption, etc. Restarted on checking plugins. I deactivated and no change but then walked away for a couple of minutes and when I returned, post opened no problem.

Thanks DevonLabs and Lost in Press for all the suggestions. I went back and confirmed WP up to date, tried changing themes, checked other plugins. Next, I changed Permalink to “Plain”, purged cache and was able to access the post. I changed Permalink back to “Post name”, purged cache and same problem exists.

At this point, I called hosting provider as they’re usually helpful and the tech said since changing the Permalink to Plain fixed the access problem, it is a “caching issue” most likely stemming from my WP-Optimize plug in. He said to give it 24 hours or so and I should be able to access post properly.

If this sounds sketchy or incorrect and I need to continue investigation, please let me know. Otherwise, I will wait and message back if the problem does not resolve.

Soooo after an hour and deciding to post here, I accidentally figured it out. The information here Contact Forms for WordPress Sites – Jetpack didn’t work but I clicked on the top left toggle to add a field to my page, scrolled down and voila, there were form fields, which I clicked and they appeared. Sorry for the inconvenience but I guess it’s been a long day…

Okay so to update, Wordfence shows I’m protected, no problems. 404 monitor still shows attacks. Spent some time on phone with Netsol today and they basically say with the security in place I should be fine. Of course, nothing I can do to stop attacks – after all, they know where I’m at now.

I guess I’m wondering how to proceed. How do I get my wp-config, etc, etc. Do I download an ftp file client to see if there is code interjected somewhere?

I just updated Wordfence to paid.

Thank you both for the information. I’ve read through both and am not sure I can do everything needed because there is a disconnect between my knowledge and recommendations.

I updated passwords for my database as well as my wp login.

I’ve deleted a few plugins that I thought I could do without. I now have eight.

I have all my services with Netsol. They use Codeguard and the last successful database backup was in May. I’ve been unable to update to the latest WP until I paid for their support services and finally got hold of someone yesterday who took the time to manually update it for me. I guess I can restore a previous version but then I’m back to an outdated WP and have learned their paid support may take weeks for to update again. (Bashing Netsol is not going to help me – it is what it is).

I ran the Sucuri Sitecheck and show no malware and not blacklisted. There are three security suggestions, one of which is to install WAF – Any benefit to Sucuri vs Wordfence? I have the free version of Wordfence now <obvioiusly not enough.

The other two suggestions…I’m not sure I know where to begin even after clicking through to instructions mainly because I only know how to access files for Theme Editor and myPHPAdmin. How do I get to everything else? Or am I overlooking?

I need to edit the above information regarding WooCommerce. I do not have two folders in myPHPAdmin for WC (they are for Yoast which I had at one point but no longer have).

I’m unable to do anything with Web.com – they own NetSol. Since my initial post I’ve gone pretty far up engineering/tech support to dig deeper to see if anything is amiss on that end.

Is there an option to manually updating as the instructions are quite daunting.

### wp-core ###

version: 5.2.4
site_language: en_US
user_language: en_US
permalink: /%postname%/
https_status: true
user_registration: 0
default_comment_status: open
multisite: false
user_count: 2
dotorg_communication: true

### wp-paths-sizes ###

wordpress_path: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8
wordpress_size: 52.27 MB (54804253 bytes)
uploads_path: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8/wp-content/uploads
uploads_size: 17.64 MB (18495341 bytes)
themes_path: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8/wp-content/themes
themes_size: 6.39 MB (6705630 bytes)
plugins_path: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8/wp-content/plugins
plugins_size: 36.27 MB (38035188 bytes)
database_size: 9.45 MB (9912320 bytes)
total_size: 122.03 MB (127952732 bytes)

### wp-active-theme ###

name: FlashWP PRO (flashwp-pro)
version: 1.0.0
author: ThemesDNA
author_website: https://themesdna.com/
parent_theme: none
theme_features: automatic-feed-links, title-tag, post-thumbnails, menus, html5, custom-logo, custom-header, custom-background, editor-style, woocommerce, widgets
theme_path: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8/wp-content/themes/flashwp-pro

### wp-themes-inactive (2) ###

FlashWP: version: 1.0.1, author: ThemesDNA
Twenty Seventeen: version: 2.6, author: the WordPress team

### wp-mu-plugins (2) ###

Health Check Troubleshooting Mode: author: (undefined), version: 1.7.2
Web.com - Plugin/Theme Auto Updater: version: 1.0.0, author: Web.com

### wp-plugins-active (13) ###

Broken Link Checker: version: 1.11.5, author: Janis Elsts, Vladimir Prelovac
Call Now Button: version: 0.4.0, author: Jerry Rietveld
Contact Form 7: version: 5.0.1, author: Takayuki Miyoshi
Head, Footer and Post Injections: version: 3.1.6, author: Stefano Lissa
Health Check & Troubleshooting: version: 1.4.5, author: The www.remarpro.com community
JSM's Force HTTP to HTTPS: version: 3.1.1, author: JS Morisset
Rank Math SEO: version: 1.0.47.1, author: Rank Math
Really Simple CAPTCHA: version: 2.0.1, author: Takayuki Miyoshi
Really Simple SSL: version: 3.2.9, author: Rogier Lankhorst, Mark Wolters
TinyMCE Advanced: version: 4.6.7, author: Andrew Ozz
Web.com - Cache Manager: version: 0.1.0, author: Web.com
Wordfence Security: version: 7.1.10, author: Wordfence
WP Smush: version: 2.7.8, author: WPMU DEV

### wp-plugins-inactive (3) ###

Blog2Social: Social Media Auto Post & Scheduler: version: 6.5.8, author: Blog2Social, Adenion
Google XML Sitemaps: version: 4.0.9, author: Arne Brachhold
TablePress: version: 1.9, author: Tobias B?thge

### wp-media ###

image_editor: WP_Image_Editor_Imagick
imagick_module_version: 1690
imagemagick_version: ImageMagick 6.9.10-68 Q16 x86_64 2020-04-01 https://imagemagick.org
imagick_limits: 
	imagick::RESOURCETYPE_AREA: 63 GB
	imagick::RESOURCETYPE_DISK: 9.2233720368548E+18
	imagick::RESOURCETYPE_FILE: 768
	imagick::RESOURCETYPE_MAP: 63 GB
	imagick::RESOURCETYPE_MEMORY: 31 GB
	imagick::RESOURCETYPE_THREAD: 4
gd_version: 2.3.0
ghostscript_version: 9.25

### wp-server ###

server_architecture: Linux 3.10.0-1160.15.2.el7.x86_64 x86_64
httpd_software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 mod_fcgid/2.3.9 PHP/7.2.34
php_version: 7.2.34 64bit
php_sapi: apache2handler
max_input_variables: 2000
time_limit: 180
memory_limit: 256M
max_input_time: 60
upload_max_size: 100M
php_post_max_size: 100M
curl_version: 7.29.0 NSS/3.53.1
suhosin: false
imagick_availability: true
server-headers: 
	server: openresty/1.17.8.2
	date: Fri, 19 Mar 2021 21:40:42 GMT
	content-type: text/html; charset=UTF-8
	vary: Accept-Encoding
	x-webcom-cache: enabled
	x-powered-by: PHP/7.2.34
	expires: Wed, 11 Jan 1984 05:00:00 GMT
	cache-control: no-cache, must-revalidate, max-age=0
	link: Array
	strict-transport-security: max-age=31536000
	x-content-type-options: nosniff
	x-frame-options: SAMEORIGIN
	x-xss-protection: "1; mode=block"
	referrer-policy: no-referrer-when-downgrade
	x-webcom-cache-status: MISS
	content-encoding: gzip
htaccess_extra_rules: true

### wp-database ###

extension: mysqli
server_version: 5.7.27-30-log
client_version: mysqlnd 5.0.12-dev - 20150407 - $Id: 3591daad22de08524295e1bd073aceeff11e6579 $

### wp-constants ###

WP_HOME: undefined
WP_SITEURL: undefined
WP_CONTENT_DIR: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8/wp-content
WP_PLUGIN_DIR: /data/user5/2020/34/17228/wordpress/.a2d9c0fd6720cd8a8684dd52ef32deb8/wp-content/plugins
WP_MAX_MEMORY_LIMIT: 256M
WP_DEBUG: false
WP_DEBUG_DISPLAY: true
WP_DEBUG_LOG: false
SCRIPT_DEBUG: false
WP_CACHE: false
CONCATENATE_SCRIPTS: undefined
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_LOCAL_DEV: undefined

### wp-filesystem ###

wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
mu-plugins: writable

I don’t know if this is relevant but I was reading through some other posts and noticed where someone mentioned perhaps a WP IP address is blocked. I think I permanently blocked 10.30.88.254 recently because Wordfence is constantly telling me attacks from this IP are blocked <can’t quite figure out how to unblock at this point. May be unrelated.

When I chhose troubleshoot, plugins are disabled but I’m unsure what to do next.

Site Health
Good
Status
Info
Troubleshooting
Tools
SSL activated! Don’t forget to change your settings in Google Analytics and Webmaster tools. More info.

Dismiss this notice.
review-logo
Hi, Really Simple SSL has kept your site secure for a month now, awesome! If you have a moment, please consider leaving a review on www.remarpro.com to spread the word. We greatly appreciate it! If you have any questions or feedback, leave us a message.

– Rogier
Leave a review
Maybe later
Don’t show again
Dismiss this notice.
Site Health Status
The site health check shows critical information about your WordPress configuration and items that require your attention.

4 Recommended improvements
You should remove inactive pluginsSecurity
Plugins extend your site’s functionality with things like contact forms, ecommerce and much more. That means they have deep access to your site, so it’s vital to keep them up to date.

Your site has 14 active plugins, and they are all up to date.

Your site has 2 inactive plugins. Inactive plugins are tempting targets for attackers. If you’re not going to use a plugin, we recommend you remove it.

Manage your plugins

Manage inactive plugins

Have a default theme availableSecurity
Themes add your site’s look and feel. It’s important to keep them up to date, to stay consistent with your brand and keep your site secure.

Your site has 3 installed themes, and they are all up to date.

Your site has 2 inactive themes, other than twentynineteen, the default WordPress theme, and FlashWP PRO, your active theme. We recommend removing any unused themes to enhance your site’s security.

Your site does not have any default theme. Default themes are used by WordPress automatically if anything is wrong with your normal theme.

Manage your themes

Your PHP version should be updatedPerformance
PHP is the programming language we use to build and maintain WordPress. Newer versions of PHP are both faster and more secure, so updating will have a positive effect on your site’s performance.

Learn more about updating PHP (opens in a new tab)

Background updates may not be working properlySecurity
Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.

Passed No version control systems were detected.
Passed Your installation of WordPress doesn’t require FTP credentials to perform updates.
Warning Couldn’t retrieve a list of the checksums for WordPress 5.2.4. This could mean that connections are failing to www.remarpro.com.
Passed tests

Hi Steven, in dealing with Netsol I’ve learned that I am in fact running PHP 7. I am unable to update WP beyond 5.2.4. Can you provide any guidance?

Thanks so much Steven for your guidance. They were less than helpful. Long story short, they are holding me hostage to upgrade to their Unix hosting package but I’m less than inclined to comply so I’m going to find another provider.

I do have one last question. In theory, should I expect a decline in ranking/traffic until I make the move? I plan to do so asap but thinking it may be a few days to make the switch.

I’m on the phone with them now because I just received an email stating they are unable to update to 7.4. Is there a reason they may not be able to that you know of?