Tretola: WordyPressing: just replace it with https://
Tretola: WordyPressing: and if you can’t get an https connection from that host, find another host, or store it locally
Dunnaway: Mateusz, there isn’t a quick fix. Your site has been hacked, you no longer own at least the web root and it’s files. So you now have to consider your DBA p***word “in the wind” and anything ever written to at least the wordpress database
Showman: I have no idea what advice that just was :
Showman: WordyPressing: can you describe/summarize your problem? You’re trying to setup SSL on your site that you host on a server you manage?
Parra: We are at GoDaddy and have installed the SSL cert.
Geschke: Showman, I will copy and paste. To everyone else, sorry for the inconvenience. ;P
Julen: Our site www.adamandevefamilytree.com has to have SSL by Friday in order to keep taking customer orders. When I go to https://www.adamandevefamilytree.com/store/ I get a “Loading. Please Wait.” error, and it gets stuck. When I go without https, it works fine. Can anyone point me in the right direction?
Harbison: Man GD has been been getting more and more pricer
Kullmann: Dcr: thanks, i’m currently studying links from bot
Dunnaway: Additionally, if you as some people do.don’t feel bad used root’s credentials for the database, every single database on your machine is now owned. If the dba and root login p***words are the same, the server is gone. There is no simple fix beyond “service httpd stop” and trying to find an uninfected backup to restore from. Forensically figuring out how much damage has been caused is a time consuming business, both in carrying out the ****ysis.and actua
Dunnaway: Lly knowing how to do it in the first place
Tretola: WordyPressing: do you need someone to actually _do_ something? because “pointing you in the right direction” has happened a few times already
Dunnaway: Mateusz, before you start changing file permissions, etc.you need to try and figure out how exposed you are
Hollis: Kam, no. Showman asked about the problem which is why I pasted that for him.
Showman: WordyPressing: yeah, all your scripts and styles are loaded over http:// – those need to be fixed – if the theme author coded it right looks doubtful by the source code then you can look for wp_enqueue_script lines and fix those
Dunnaway: Mateusz, for example. Is the wordpress db user in wp-config.php root? who owns the files in the webroot? who owns the webroot? has anyone injected a shell? is /tmp executably mounted? are there any malicious files in there
Showman: WordyPressing: honestly it looks like a bunch of hard-coded stuff and I don’t even see wordpress in here
Tretola: Showman: i think you are the third person to have told him that
Showman: WordyPressing: come back when you’re working with a WordPress site friend – this looks like a custom php implementation
Stoddart: The WordPress is in a different folder than the store. Thanks for all the info guys. I’ll be looking to replace http with https in all the scripts.
Oyervides: Thanks again everyone. I’ll go make the changes and see if that helps.
Lisowski: Hey I am trying to get the images on my page to be fully viewable in height, but it seems that it is stuck within this box, would there be any way to fix this at http://fourstudios.com/
Colesar: E.g. the calm before the storm picture, its a quite long picture in height, but it only shows that portion of it
Hardgrave: I was looking to see if maybe overflow hidden was set, and even tried adjusting the height manually, not sure why it wont go though
Cimmino: Dcr: it’s shared hosting, so not root
Dunnaway: Mateusz, ok.thats one thing. Do you have a working backup?
Jeng: Blahkat-: that’s how your image is cropped: http://fourstudios.com/wp-content/uploads/2015/09/the-calm-before-the-storm_o_5931987-499×509.jpg
Campese: Ohh crap lol it must be auto cropping