: WordPress keeps redirecting my users to install.php, Is it caused by an injection hack? I don't really know how to express my problem, so bear with me. This is a bit hard to explain. I have
I don't really know how to express my problem, so bear with me. This is a bit hard to explain.
I have a Wordpress installation, the latest, and often (once a day) my site redirects users to the /wp-admin/install.php file. Asking for my login credentials of course. I have tried reinstalling WordPress and still have not been able to figure what they are doing.
That happens regularly. Also, a few hours later, I am able to see my site normally. Hope this makes sense.
I suspect there myst be some database DoS that allows them to inject a redirect of some sort into my admin area, thus redirecting the user to said directory (install.php). But that's just me. I really have no clue what else could they be doing.
I looked at the source code from several php files and noted some of them don't include a ?> tag. Could that be an issue?
My hosting company is iPage, I've contacted them and they say there's nothing wrong with my files. Anyone have a clue? I can paste the code to any source file.
More posts by @Candy875
6 Comments
Sorted by latest first Latest Oldest Best
It is because MAX_USER_CONNECTIONS or MAX_QUERIES_PER_HOUR exceeded. If you are using a free hosting than you can't increase the limit. But if you are using paid hosting tha you can increase the limit. For more information visit dev.mysql.com/doc/refman/5.7/en/user-resources.html
In my experience, this error can happen when your web page makes too many requests to your host server, especially if you are on a shared server.
This is a year old, but I saw it so I might as well try to answer it as there is no accepted answer (yet).
The most common reason for this is caused by changing your database. For example, my host's database server was down for some time and when it was up again, I had to 'install' it again. In this case, this is expected behavior.
If this is not the reason, there's probably some issue with the installation. For example, it failed but you can't see it.
A bit off-topic, but I would also highly recommend not to use iPage -- even if there were no files I think they'd still say 'nothing is wrong'.
There's no accepted answer, but it's over a year old, so I'm answering for the sake of academia.
If you're checked the database structure, and you've replaced the core files, there's really only one answer that remains: your host. There is obviously some communication issues between Apache and MySQL (assuming this is what your host uses).
I would upload a fresh copy of WordPress excluding the wp-content folder. Update the core files. Then check your htaccess is correct. It's likely the installation didn't complete. Does iPage have any server side caching which you can manually clear?
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Hi to be honest to the best of my knowledge the most common WP hacks are either weak PW security that has been compromised and allowed malicious code / updates to be made (consider the number of WP admins that didnt change the default UN 'wp-admin' thats already half of the auth guessed). Or for historic installs / ones with the offending versions bad versions of PHP thumb of (that used to have a well knowen exploit).
If your site is redirecting at all it would indicate that it has been compromised already and depending upon the method you are using to update it the malicious files (or DB entries) might not be getting touched / deleted.
However there are a bunch of 'remedies' on good old Google but also as with most things WP there are a bunch of plugins that can detect for common compromises. If you can still access your manager it may well be worth trying one of these as a starter..
wordpress.org/plugins/gotmls/
Good luck!
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.