tdjcbe

No dice I’m afraid. Still broken for me with the same error although with Nginx logs and not apache.

Reinstalling the new version gives me the following:

2015/06/07 19:39:08 [error] 4478#0: *1620 FastCGI sent in stderr: "PHP message: PHP Warning: require_once(/usr/share/nginx/www/wordpress/wp-content/plugins/contact-form-7/admin/admin-functions.php): failed to open stream: No such file or directory in /usr/share/nginx/www/wordpress/wp-content/plugins/contact-form-7/admin/admin.php on line 3

It’s weird because if you look at line 3 of the admin.php file, the includes subdirectory is disappearing:

require_once WPCF7_PLUGIN_DIR . '/admin/includes/admin-functions.php';

Please note that the script is looking for /admin/admin-functions.php and not /admin/includes/admin-functions.php

edit: I’ve gone back to 4.1.2.

Added modlook for mcdanman’s post up there with the affiliate link.

Last I knew, you had to install the v1.5 of Lighttpd to get things working. There was a lengthy thread on this over at the old forums. Someone else is going to have to dig for it. I;m on a wireless network with a five minute page load and can;t go digging.

No offense but I support nearly 70 different platforms and I don’t recall a single one of them that supports users deleting their own account. Some of the gaming platforms we deal with offer a “reset an account” option but that’s about it. I may have missed the option but I would think it would stand out. (edit: OK, I just found that Joomla does one. Although it has a non commercial license attached to it. That makes it very murky.)

Even with the built in “Delete a blog” selection, we get many users who come back in tears saying that they didn’t really mean to delete their blog and could they have it back. I’m sure most of my clients would put that in their top 10 for support requests.

Bingo. Glad you got it worked out.

I know you’ve said you’ve contacted your host but I have a feeling that this was something that they did. When there’s a security issue on a server, it’s common for someone with root access to go in, set permissions to zero, and wait for the client to notice something’s up and contact them.

I have a feeling that you’re able to see the directory within a control panel like CPanel. Many of those panels run as a root user. That’s probably why you can see it here but not as ftp. Your ftp user is at the same level as your user account.

This is why also running the unfiltered html plugin is a bad idea on an open system.

What’s the plugin? There may be a workaround.

I would think that would be an issue actually because of the 32k (or less) directory limit with many *NIX based servers.

If the directory is still there after the files are gone, that would be an issue. It really should be deleted.

Although it’s not as big of an issue as leaving the files.

I believe we’re talking about splogs, not comment spam.

Get a mini ??

https://www.google.com/enterprise/search/mini.html

5 bucks says that’re all coming from a small number of IP addresses and blocking countries is overkill.

No offense against what you done. We used to average about 15% out of ev1/theplanet. Guess we’ll have to block out the US then. ??

It’s a security risk to allow it. You can wrap content from an insecure site within the iframe tags and lift cookies, deploy virii and whatnot.

site3.com/en/blog

I could have sworn that we were just going into the database and editing the path manually after blog creation. Granted there’s no way to do it out of the box but that was the workaround.

Had one install doing that. They’re no longer with us so I can;t check.

An aside to Andrea: Can we please add in the Out of Memory instructions to the MS sticky? They were included in the old instructions but I don’t see anything “official” for the current instructions.

Folks may want to block 186.28.237.98 as well. A report has been sent but they hit over 30 of our social platform (ie not just wp) installs within the last 24 hours.