Sean

Hope you don’t mind me jumping in, but I got the same sort of thing, after a routine update:

This email was sent from your website “XYZ Site” by the Wordfence plugin.

Wordfence found the following new issues on “XYZ Site”.

Alert generated at Friday 14th of October 2016 at 06:55:00 PM

Warnings:

* Modified plugin file: wp-content/plugins/jetpack/_inc/build/admin.dops-style.css

* Modified plugin file: wp-content/plugins/jetpack/_inc/build/admin.dops-style.rtl.css

* Modified plugin file: wp-content/plugins/jetpack/_inc/build/admin.dops-style.rtl.css.map

* Modified plugin file: wp-content/plugins/jetpack/_inc/build/admin.js

* Modified plugin file: wp-content/plugins/jetpack/_inc/build/static.html

* Modified plugin file: wp-content/plugins/jetpack/changelog.txt

* Modified plugin file: wp-content/plugins/jetpack/json-endpoints/jetpack/class.jetpack-json-api-sync-endpoint.php

* Modified plugin file: wp-content/plugins/jetpack/json-endpoints/jetpack/json-api-jetpack-endpoints.php

* Modified plugin file: wp-content/plugins/jetpack/readme.txt

* Modified plugin file: wp-content/plugins/jetpack/sync/class.jetpack-sync-actions.php

* Modified plugin file: wp-content/plugins/jetpack/sync/class.jetpack-sync-defaults.php

* Modified plugin file: wp-content/plugins/jetpack/sync/class.jetpack-sync-settings.php

I went as far as to completely delete Jetpack, ran a WF scan again, which came up clean, then re-installed Jetpack, another WF scan, same warnings. So I completely deleted WF and all its data, then re-installed WF and imported my settings. Same warnings.

In other words, with Jetpack completely gone, WF gives no warnings. Should we be worried?

Yes, it works, when I disable just the minify option in W3. When minify is enabled, it does not show the Pinterest button on hover, but it does show the Pinterest button at the bottom of the post. However, at one point, with minify enabled and you clicked on the Pinterest button at the bottom of the post, it redirects in the same tab to a fairly empty page at pinterest.com with something to create new pin.

As it is right now, minify is enabled and the Pinterest button is showing but only at the bottom of the post, and clicking on it shows the options to pin as it should.

So it would seem there is a conflict with minify in W3. I can’t actually notice a difference in speed, so perhaps I can disable minify, for now?

Many Thanks,
Sean.

I should add, that as far as I know, W3 does not server you cached pages if you are logged in as a WP admin, and yet this Pin it button still does not work.

In summary, it doesn’t look like this is a problem with hosts, so I wouldn’t run away too quickly. If you see a suspicious link in your outbound clicks stats, just ignore it. As has been said, it is either a visitors browser that has been unknowingly infected, or a visitor has deliberately done it, in their own browser, in the hope that site owners would click the link, which in this case appears to be some sort of sleezy advertising/marketing site.

• This reply was modified 8 years, 1 month ago by Sean.
• This reply was modified 8 years, 1 month ago by Sean.

All of them. Now I just logged into my site from another browser (Chrome) and it sends me to the relevant section/page. I normally use Safari, so it appears Safari is to blame. I have cleared cookies and cache from my site and Wordfence, but that made no difference. Either way, this is not a WF problem, but thanks for any help.

Sean.

• This reply was modified 8 years, 1 month ago by Sean.

It seems all updates are working fine now. It was just the major Divi update to 3.0 that gave problems. Further updates from Divi 3.0.1 and up have been working with Shiny.

Scratch the idea about it being my host/server.

I can see the yellow bar, on my iPhone 5 iOS 9.3.4, but not on another Macbook also running Mavericks nor on a PC running Windows 10 using any browser.

This all since updating to WP 4.6 with its new font system. How bizarre.

I deleted browser cookies and cache, and re-installed WP & Updraft, and while it was running, I deactivated every other plugin and also switched themes to WP 2016 (I normally use Divi).

No change, the yellow bar remained elusive, until I clicked ‘Develop > Show Error Console’. But it shows no errors, yet the yellow bar is there, until I close the console.

Should I have initiated the backup after de-activating everything else and switching themes?

The only thing I can think of is it could be something to do with my particular server? I run another site with the same version of WP & UD at the same host but on another shared server, yellow bar shows all the time.

And yet I can still backup, and restore fine and the site appears normal, so I might give up and move on to other things and hopefully it will fix itself with future updates. Or is this indicative of a bigger problem?

Would you be willing to consider paying for premium themes and plugins? It might be hard to find the type of functionality you require with the free stuff. Take a look at https://www.elegantthemes.com But there are plenty other paid themes out there, although Elegant seem to have the best offers I’ve come across.

Yes, I run Wordfence Falcon Engine. I also have some ‘leverage browser cache’ rules in the .htaccess file. But I cleared both without change.

That is true. If a hacker gets into your WP installation, they can delete your remote backups, hence the reason to use yet another level of protection such as Spinbackup, or manually downloading a copy of your backups, and then backing up your computer.

Including my actual site, I have backups in Google Drive, on my laptop, and 2 external drives. So basically, our site which my wife and I have spent the last 2 years building exists in 5 distinctly separate locations. I guess you have to decide how much your work is worth and how far you are willing to go in order to protect it.

It’s sad but true, but there are plenty people out there with nothing better to do than look around only to delete other peoples hard work just for fun.

Various extremely cost effective tools and methods are there for you to use, as well as the horror stories to learn from. Don’t get caught out.

On a side note, the biggest threat to my site so far has been me, myself, and I. I’m the kind of guy who might sort of break something that I own, just to see if I can fix it. And this is where backups have saved my site. The missus also wouldn’t be too pleased if I couldn’t get the site back up ??

To prevent a hacker from deleting your backups, change passwords as frequently as you care to, using the random password generators in both WP and cPanel, and then save those to a password manager, like ‘Keychain’, in the case of a Mac. There are other password manager options for Windows. Also consider using a security plugin like Wordfence, if you haven’t already.

But most importantly, don’t keep the only copy of your backups on the same server as your site. Think eggs in a basket.

You can set UD to upload your backups to a remote site like Google Drive or Dropbox. You can also subsequently download to your computer a copy of your backups directly from your remote site of choice, or from your site using FTP. Your ability to download to your own computer will be affected by the size of your site and/or your local internet connection. Whereas UD will automatically send the backups directly to remote storage regardless of your local connection by first zipping the files and uploading in chunks to avoid timeouts.

Depending on your hosting account storage space, you can tell UD to keep a copy of your backups on your server. This makes for a quicker restore, if like me, you accidentally delete something. But it is highly recommended to send a copy elsewhere for the very valid reason/concerns you have just mentioned.

If a hacker gets in, or your host/server goes bang, it’s just a question of installing a fresh copy of WordPress, on the same domain, with any random user credentials and installing a fresh UpdraftPlus and either uploading from your computer the backup files you downloaded, or telling UD which remote site to fetch them from. Click ‘restore’. Your fresh install should be overwritten with all your original site content and settings, users included.

Here is what I’m seeing:

https://www.dropbox.com/sh/37pnnymgow5hffp/AACwP2iL4fw7dlui0JjHPyBBa?dl=0

I’m thinking of deleting and re-instaling UD. Will all my settings be preserved?

I am using the latest UD version 1.12.17

This is weird. I went to another WP 4.6 website I manage with 9 up to date plugins, and using the same browser (Safari 9.1.2) I ran a backup, yellow progress bar showed, and backup completed.

I then went back to my site and begun a backup, no progress bar, until I clicked ‘Develop > Show Error Console. The yellow progress bar shows, and then vanishes again when I close the console tab, but no errors.

Could it be a possible conflict with another plugin? I have 17 on the site in question, all up to date. I have also tried with FF & Chrome, on the same Macbook running OSX Mavericks, same problem, and yet when I open the Dev console in FF, yellow bar appears, but not with Chrome. Either way, the backups appear to always complete.

As it is right now, everything on the site seems to be fine, so I’m not overly concerned. I’m going to keep looking in the morning and will try grab some screen shots to share.