How to Remove Malware – Infected Site Guide

Posted on by
Reply

There’s been a surge of hacker activity lately leading to malware on WordPress sites. If your are experiencing any of the following issues, then this guide on how to remove malware may help you clean up the damage done to your site and/or server. Please note this guide is written for beginners and the common WordPress use. Therefore, I intentionally do not cover advanced technical trouble-shooting.

What is Malware?

Firstly, we have to understand what the heck malware is – after all, you can’t fight something you can’t define. So let’s go with the definition given to us by Wikipedia:

Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior.

Now we know that malware is essentially code that somehow got onto your site or server. The first step is figuring out whether your site actually has malware. Here are some common symptoms of malware on WordPress sites:

This guide consists of the following sections so that you can follow along step-by-step:

  1. Determine If Site is Infected with Malware
  2. Backup current site (as-is)
  3. Review and remove erroneous files
  4. Timthumb Notes
  5. Update WordPress files
  6. Update wp-config.php file
  7. Update / Remove Themes and Plugins
  8. Update Usernames and Passwords
  9. Clear Browser and Site Cache
  10. Re-Scan Site for Malware
  11. Conclusion

The guide assumes the following:

  • you wish to avoid starting your site fresh, in which case, you could simply delete the entire site and wordpress database and start over without completing any of these steps.
  • you wish to restore your site to its pre-infected state.

Let’s begin…

Pages: 1 2 3 4 5 6 7 8 9 10 11 12

How To Change Google Plus Page URL

Posted on by
Reply

google plus url How To Change Google Plus Page URL I just setup my first Page on Google Plus and immediately searched my profile for the option to set a custom URL (vanity URL) for my Google Plus Page. It took about 10 minutes to realize that there’s no such option.

A quick Google search led me to a service called GPlus.to which allows you create a short URL which redirects to your Google Plus page. I should note this is not a Google product or service. However, since my goal was really just to have a shorter URL which I can remember and is easy to type in, the service met my needs.

I’m surprised that Google doesn’t offer this key feature yet. It’s possible that some users do have this feature enabled on their account, but I did not. Have you changed your Google Plus page URL yet? If not, why?

The uploaded file could not be moved to

Posted on by
2

A few hours ago I moved a site from HostGator’s shared hosting to their VPS server offering. While the process could have been much smoother, it had several bumps along the way. None more annoying than the following error when attempting to upload images or media on a post within WordPress:

The uploaded file could not be moved to /var/www/vhosts/yourdomainname.com/httpdocs/wp-content/uploads/2011/11.

uploaded file cannot be moved to The uploaded file could not be moved to

In short, WordPress could not upload the image file. This is the last thing one would want to deal with when migrating a site. However, it is clearly a permissions issue and needs to be resolved on the server. Since most people are not server administrators, and neither am I, here are all the solutions I researched throughout the web in order from easiest to most difficult. Hopefully, one of these hacks will work for you.

Set the Default Folder for Uploads in WordPress

1) Login to WordPress and go to Settings > Media.

2) For the input labeled: Store uploads in this folder, specify the following as the value if it is blank:

wp-content/uploads

3) Save changes and test your ability to upload images. If you still have issues, move on to the next solution.

Changing Folder Permissions via FTP

On most VPS servers, you have to set permissions and ownership. Said differently, if you have the ability to set permissions but you are not the owner, then you will not be able to move or copy files into that folder.

WordPress tries to move uploads to the designated folder. However, if it does not have permission to do so, that would result in an error. It will only succeed if your write permissions are valid. Therefore, make sure your write permissions are correctly set and that you own the /uploads folder. Your FTP client displays the owner of the folder and is usually the username connected to the ftp server.

Below are instructions on how to change folder permissions via FTP:

1) FTP to your server, and navigate to the wp-content/uploads directory.

2) There, change the permissions of the /uploads directory to 777 (i.e., chmod to 777). In most FTP clients, you can right-click on the folder to get to the screen that allows you to change the folder permissions. If it asks you whether you would like to apply changes recursively, enable that as well.

3) Check WordPress by adding a new post and uploading an image. If it works, move on to the next step. If it doesn’t, then move on to the next solution.

4) If the previous step worked, now we’ll go back and change the permission of the /uploads folder to 755 (apply changes recursively). We’re doing this to avoid having a write-able (777) folder which is a security vulnerability.

NOTE: Do not leave your permission set at 777 – it exposes your site to hackers.

5) Check WordPress by adding a new post and uploading an image. If it works, then your issue is resolved. If it doesn’t, then move on to the next solution.

Changing Folder Permissions via Hosting Control Panel

Sometimes, the FTP user does not have the same privileges as the account owner. To ensure that changing folder permissions isn’t the solution, try logging into your host’s control panel and check the folder permissions from the File Manager. If they are correct, then move on to the next step. If is is not correct, edit the folder permission there and re-test the upload function through WordPress.

Creating a New Uploads Folder

1) FTP to your server, and navigate to the wp-content/uploads directory.

2) Rename the uploads directory to uploads-old.

3) Now, create a new folder named uploads. Change its permissions to 755.

4) Copy all sub-folders and files from the /uploads-old directory to the new /uploads directory.

5) Check WordPress by adding a new post and uploading an image. If it works, then your issue is resolved. If it doesn’t, then move on to the next solution.

Turn Off PHP Safe Mode

For some folks, turning off PHP Safe Mode may be the solution to this issue. However, not all users will be able to do this as many hosts restrict access or edit privileges to this file.

1) Navigate to your server

2) Locate the php.ini file. It is usually in your /etc directory from the root.

3) Open php.ini in a text editor and change the PHP Safe Mode value (if it exists):

On

to this:

Off

4) If the line does not exist, then add it.

5) Test your upload capabilities in WordPress.

Other Solutions

There are other potential solutions available however they are far more technical and require understanding of critical server files. Therefore, in the interest of preventing you from causing damage to your site and server, I won’t go into those here. At this point, if you are still having the issue, contact your host and have them resolve it.

Conclusion

I hope this was useful for folks having this image upload issue. Please let me know which solution worked for you in the comments below.

Your WordPress Site is Not the Same

Posted on by
Reply

If you are not database-savvy, you should definitely not be running SQL queries. It’s like trying to launch a rocket space ship (leave that to the pros). The consequences of a mishap, related to your own doing, are not worth it.

Ok, I’m going into explanation mode for the benefit of the community so they can get a bit of perspective on migrations, so bear with the wordiness.

Every site is different. I get a lot of folks that tell me:

  • I just have a WP site – why is it different than anyone else?
  • It’s just a simple site – why is it that instructions A or B don’t work?
  • I just want to move the site – how hard can that be?

The problem with those statements is that even though we ALL run WordPress, none of us do so in EXACTLY the same way. In fact, no two sites are the same – here’s why:

  1. All content (posts / pages) reside in a WP database (most beginngers / users don’t know that’s really where it is stored). But to their credit, they don’t really need to think about it UNTIL a data disaster occurs or they want to migrate their site. So basic point here is that all your data resides in a database.
  2. Each user has different plugins he/she prefers. The data those plugins create, as well as the data tables, are all created in that main WP database. For example, I recently logged into a user’s site with 107 plugins. Talk about scary! eek Your WordPress Site is Not the Same
  3. Over time, your database becomes less optimized as you store more data, activate / install / deactivate / delete plugins, etc. This is why users should backup and optimize databases regularly.
  4. The content (posts/pages) may be corrupt but user might not know it yet. This is why users should only use quality content entered directly into WP.
  5. etc. etc. etc. the list can go on and on…

So when all those factors add up, you have a very different site than the next person. Which is why no 2 sites are really the same ever.

This is also WHY most hosts will NOT touch your database and most developers will not offer such a service. Because it truly is a case-by-case service and must be handled very carefully. Hosting providers want to avoid users claiming their site doesn’t work, or X or Y plugin doesn’t work, etc. You can just imagine the possibilities, especially when the technical jargon behind what’s happening isn’t fully understood. So now we know why this is not a juicy service to provide.

Ok, so where does that leave the user?

  • To be extremely careful with their awesome site!
  • Understand that moving files and folders does NOT mean your database is moved too
  • Plan the move step-by-step. If possible, do a test first.
  • Hire someone who knows what they’re doing! It should not cost much.

If you are looking for a good source that explains how to move your WordPress site, start with the WordPress Codex. I found most other sources on the net out-dated, inaccurate, untrustworthy, or just wrong.

How to Increase WordPress PHP Memory Limit

Posted on by
Reply

I tried to upload an video to WordPress today and realized that I needed to increase my WordPress PHP memory limit. This is an easy step and can be performed by beginners.

1) Simply open up a text editor such as TextEdit or Notepad++.
Note: MS Word is NOT a text editor.

2) Copy the following into a new file:

memory_limit = 96M
post_max_size = 96M
upload_max_filesize = 96M
file_uploads = On

3) Save the file with the following name: php.ini
Note: If you are using GoDaddy, you may have to name it php5.ini instead as they upgraded their servers to run PHP5. But why would you be on GoDaddy anyway? :)

4) FTP to the root directory of your site. This is where your wp-admin and wp-content folders reside on the server. Upload the php.ini file to the wp-admin directory.

5) That’s it!

Let me know if it worked for you? If not, I may be able to offer some guidance. Enjoy.

To Do Apps for Bloggers and Web Site Owners

Posted on by
Reply

I tend to over-analyze and thoroughly research all options when it deals with my daily workflow. As I’ve tried to focus my energy on Getting Things Done and eliminating distractions, it was only a matter of time before I had to purchase a proper to-do app. The age-old reliable Stickies and countless text files filled with dozens of to-do’s (all incomplete, or maybe they were completed?) were not going to suffice any more.

Of course, I had certain requirements before purchasing any app. These were as follows:

  • First and foremost, it must have a native Mac desktop application and synchronize (ideally a push) to my iPhone app. I like knowing my to-do list is always accessible no matter where I feel unproductive.
  • Allow categorization of to-do’s. Neat-freaks like to categorize!
  • Must have logic to sort the to-do’s based on priority or other means. I don’t want to-do’s for next month showing up at the very top of my list.
  • Must have a quick keyboard shortcut to add a to-do instantly without having to launch the application in a new window.
  • A clean user-interface. Let’s face it! If you’re going to buy an app nowadays, this is an expectation.

So after many days of banging my head and reading hundreds of reviews, I narrowed it down to two:

SimpleTask

SimpleTask is extremely simple and non-intrusive. It won’t bog down your laptop with unnecessary features and junk. It does to-do lists perfectly. Additionally, it doesn’t force you to fill out every field on a to-do entry whereas other apps do. With SimpleTask, you can color code your to-do’s which is great. Though, guys like me will probably forget which color refers to what category. However, the fact that their desktop app is free should be enough to go download it immediately and try it out for yourself. Did I mention FREE?

Desktop App Price: FREE

iPhone App Price: $1.99

While the online reviews for the desktop app were definitely positive, their iPhone app needs a few more updates, specifically around synchronization. And if you’re a developer with the right stuff, feel free to help them. They have a great product and I’m sure the next version of their iPhone app will be spectactular. Regardless of this setback, for a cost of $2, you could have a to-do app for both the desktop and your iPhone which is pretty darn good in my opinion.

Things

Things is a Mac desktop app which has all the right features without being too overwhelming. They claim, Task management has never been this easy, and I wholeheartedly agreeIt met all my requirements above, but I really wished the apps were cheaper.

The bad? One notable downside is that they have promised to deliver synchronization via the cloud, but yet to fulfill that void. Other competitors have already delivered cloud synch functionality so I’m baffled Things hasn’t caught on yet. Though, it’s worth noting you can synch via Wi-Fi, but who does that anyway? If I’m going to pay this much for an app, I expect it to be the leader and not get left behind.

Overall, I still think Things desktop app is downright awesome, and if they get cloud synch functionality baked into the app, I’ll be all smiles. But the price tags make Things the top pick for serious to-do’ers and list-makers, but not the everyday person.

Desktop App Price: $49.99 (ouch!)

iPhone App Price: $9.99 (ouch, again!)

Conclusion

If you’re wondering which of these two fantastic apps I eventually chose, the answer is Things. I’m fine in spending $60 (in total) to bring sanity back into my to-do lists. After all, productivity means more money.

At this point, you’re probably wondering what the heck does this have to do with bloggers and web site owners? Simple! They are inefficient (actually, I am) and could use a to-do app. Time and time again I hear bloggers complaint about nothing is getting done, how they procrastinate so much, and the rant continues. Well a solid to-do app and the discipline to cross items off the list will yield better sites whether it be with more content, better designs, or just happier bloggers. (this post was on my to-do list! Now I can cross off that to-do. FUN!)

Save your time and energy as I’ve already done the research. If you’re an organization freak like me, then you need one of these apps. But if you disagree with my choices, sound off below and let me know what’s on your list?

How to Get Category ID of Current Category

Posted on by
Reply

Yesterday, I was looking for ways to grab the current category ID so that I could display a custom image at the top of each archive page. While there are many different ways to achieve this, I did not want to run an additional query. After reviewing the solutions mostly, I stumbled upon this gem on the WordPress Codex:

<?php get_query_var( $var ); ?>

With that template tag, you can simply pass the variable cat to grab the Category ID of the current category (i.e., within archive.php):

<?php echo get_query_var('cat'); ?>

You can use it to grab the Page ID of the current page as well (i.e., within page.php):

<?php echo get_query_var('page'); ?>

That snippet will accept any parameter that can be used within the WP Query class.