outofnowhere

Hi Peter,

Thank you so much for taking the time to respond so thoroughly.

As it turns out, I had asked my server admins to write a script to block attacks on xmlrpc, in which an IP would be blocked after so many requests within a certain time period. Unfortunately, they wrote the script to include requests for wp-login (no problem) AND admin-ajax. When a website admin worked on a site, they quickly met the criteria for an IP-block based on the number of requests to admin-ajax, and their IPs were blocked from accessing the site and host server.

Although I didn’t believe Wordfence could have been the problem, I just had to rule it out.

Your response was not wasted, however. Although the problem has been resolved, I still followed the instructions on ALL of your instructions and I learned much more about Wordfence that will be very helpful in the future.

With gratitude, Mary Beth

Sure. They also just permanently removed the Hotel Booking Styles from WP. I think they might be in some trouble.

We are getting sql injection warnings when working on it.

• This reply was modified 3 years, 1 month ago by outofnowhere.

Hi, I just wanted to follow up to let you know I figured it out.

In the Child Theme page.php, we had code that needed to be updated. It originally was:

<div id=”inner-banner”>
<div class=”container”>
<h1><?php echo oceanwp_title() ?></h1>
</div>
</div>

I changed:
<?php echo oceanwp_title() ?>
to
<?php echo oceanwp_has_page_title() ?>

It took a lot of searching but I eventually was able to find “known issues” on your site which helped me identify what to change.

Thanks, Mary Beth

I guess what I failed to mention is that every page in the site previously had content in the descriptions that was custom-written. At some point, it all went away.

Have you had any experience with why all the content in the description table would get wiped?

Here is the meta data from a page I didn’t fix:

<!-- This site is optimized with the Yoast SEO plugin v16.8 - https://yoast.com/wordpress/plugins/seo/ -->
	<title>Crime Insurance Fidelity Bonds Insurance Expert Witness | Burl Daniel</title>
	<link rel="canonical" href="https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/" />
	<meta property="og:locale" content="en_US" />
	<meta property="og:type" content="article" />
	<meta property="og:title" content="Crime Insurance Fidelity Bonds Insurance Expert Witness | Burl Daniel" />
	<meta property="og:description" content="View Crime Insurance / Fidelity Bonds Cases Crime Insurance is sometimes referred to as an Employee Dishonesty Bond or Fidelity Bond. Most coverage is now written as 2-party insurance (employer-insurance company) rather than as a bond. Crime Insurance can be difficult to properly structure during underwriting, and commonly presents difficulties at claim time: What dollar [&hellip;]" />
	<meta property="og:url" content="https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/" />
	<meta property="og:site_name" content="Burl Daniel" />
	<meta property="article:modified_time" content="2017-10-11T16:41:14+00:00" />
	<meta name="twitter:card" content="summary_large_image" />
	<script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebSite","@id":"https://www.burldaniel.com/#website","url":"https://www.burldaniel.com/","name":"Burl Daniel","description":"Insurance Expert Witness","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://www.burldaniel.com/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/#webpage","url":"https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/","name":"Crime Insurance Fidelity Bonds Insurance Expert Witness | Burl Daniel","isPartOf":{"@id":"https://www.burldaniel.com/#website"},"datePublished":"2013-12-19T19:29:54+00:00","dateModified":"2017-10-11T16:41:14+00:00","breadcrumb":{"@id":"https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/"]}]},{"@type":"BreadcrumbList","@id":"https://www.burldaniel.com/crime-insurance-fidelity-bonds-insurance-expert-witness/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.burldaniel.com/"},{"@type":"ListItem","position":2,"name":"Crime Insurance Fidelity Bonds Insurance Expert Witness"}]}]}</script>
	<!-- / Yoast SEO plugin. -->

Hi,
Sorry for my delayed response. I finally got the time to set up a staging site.

I checked the files in the child theme. There were quite a few. I didn’t build the site, so I don’t have the history.

I did narrow the issue down to a page.php file. It doesn’t look like your page.php changed with the last release, according to a cursory look.

They had added code to the top of the file and when I commented it out, the site was fixed. Unfortunately, the code I commented out also brings up a banner image with the page title on it. The code they add is the two <div>s.

<?php
/**
 * The template for displaying all pages.
 *
 * This is the template that displays all pages by default.
 * Please note that this is the WordPress construct of pages and that other
 * 'pages' on your WordPress site will use a different template.
 *
 * @package OceanWP WordPress theme
 */

get_header(); ?>

<div id="inner-banner">
<div class="container">
<h1><?php echo oceanwp_title(); ?></h1>
</div>
</div>

	<?php do_action( 'ocean_before_content_wrap' ); ?>

I do realize this really isn’t your problem to fix because it appears the error is in the child theme. I’m not sure what would have changed with the most recent update of the theme that would make this not work. I can also send you what is in the child’s functions.php if you think it might help. Again, if this is outside of what you can support, I completely understand.

Thanks!

Thank you for your reply. Because there was such a delay in getting a response, my client decided to switch to a different method and we have removed the Sensei plugin.

Yes. Will do. Thank you. You are the best! Thank you so much for responding to my inquiry.

OK. I did a test. I signed up for a membership and the server logs showed only one email sent to me and one to the website admin.

I looked at the debug log and there was nothing odd about it. Should I leave it on for a while to see if it will log when this happens again? Actually, it did happen again earlier today, but there were 13 emails sent, not 22 like before.

When I tried to reregister the second time, it wouldn’t let me. It told me the username and email were already taken.

It does sound like spamming; however we have reCaptcha checkbox enabled and I’m not sure how someone would be able to register, with reCaptcha, 22 times in the same second, especially when there is a block to having two accounts with the same username and email.

?????

I’ll check the debug logs the next time this happens and let you know. If you have any other ideas, let me know. It’s quite concerning.

Thanks!

Absolutely. How can a person sign up 22 times in the same minute, when they become a member the first time. Would it not block the last 21 times because they are already a member?

Thank you SO MUCH for responding!

The child theme we are using is: oceanwp ChildVersion: 1.0.25.

I don’t have debugging turned on. My client has a critical fundraiser coming up, so I can’t update the theme to reproduce the error while preparing and having this event. I guess I could do it in the middle of the night, but I like to sleep. ??

Here is the System Information from Elementor:

Server Environment		
Operating System:	Linux	
Software:	Apache	
MySQL version:	MariaDB Server v10.3.30	
PHP Version:	7.3.28	
PHP Max Input Vars:	8000	
PHP Max Post Size:	20M	
GD Installed:	Yes	
ZIP Installed:	Yes	
Write Permissions:	All right	
Elementor Library:	Connected	
WordPress Environment		
Version:	5.7.2	
Site URL:	https://dontforgettofeedme.org	
Home URL:	https://dontforgettofeedme.org	
WP Multisite:	No	
Max Upload Size:	256 MB	
Memory limit:	1024M	
Permalink Structure:	/blog/%postname%/	
Language:	en-US	
Timezone:	5.5	
Debug Mode:	Inactive	
Theme		
Name:	oceanwp Child	
Version:	1.0.25	
Author:	Travel Insights Writer	
Child Theme:	Yes	
Parent Theme Name:	OceanWP	
Parent Theme Version:	2.1.0	
Parent Theme Author:	Nick	
User		
Role:	administrator	
WP Profile lang:	en_US	
User Agent:	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36	
Active Plugins		
Contact Form 7 - 5.4.1	By Takayuki Miyoshi	
Duplicate Page - 4.4	By mndpsingh287	
Elementor - 3.2.5	By Elementor.com	
Elementor Addon Elements - 1.11.6	By WPVibes	
Gallery Custom Links - 2.0.3	By Jordy Meow	
Increase Maximum Upload File Size - 2.0.4	By Imagify	
Insert Headers and Footers - 1.6.0	By WPBeginner	
Invisible reCaptcha - 1.2.3	By Mihai Chelaru	
ManageWP - Worker - 4.9.8	By GoDaddy	
Ocean Extra - 1.7.7	By OceanWP	
Pods - Custom Content Types and Fields - 2.7.28	By Pods Framework Team	
Really Simple SSL - 4.0.15	By Really Simple Plugins	
Really Simple SSL pro - 4.1.11	By Really Simple Plugins	
Search Regex - 2.4.1	By John Godley	
UpdraftPlus - Backup/Restore - 2.16.58.25	By UpdraftPlus.Com, DavidAnderson	
Wordfence Security - 7.5.4	By Wordfence	
wpDiscuz - 7.2.2	By gVectors Team	
Must-Use Plugins		
ManageWP - Worker Loader	By GoDaddy	
Elementor - Compatibility Tag		
 Elementor Addon Elements 	 Compatibility not specified

Thank you. That is good to know. This is the recommendation ManageWP has given:

It seems this plugin has no distinction between the free and premium versions in their database (wpscan.com), You already sent a support request on www.remarpro.com to see if this also affected the free version, but if the vulnerability only affects the premium version, you may want to let them know the free version is falsely reported as vulnerable.

We are using the free version. My understanding is that you no longer offer the free version and MC4WP is now a paid add-on. Could that be the problem?

You will have to contact your website host and ask them to install the PHP Extensions the warning message is giving you.

We are having the same issue. We have NextGEN Pro installed and over 60 images in the gallery. Now when we try to add new images we get the Infinite loop error. I have to close my browser to get back into the site. I have tried different browsers with the same results. I have tried deactivating all the plugins and reactivation only NextGEN, with no success.