Home › Forums › Weaver Xtreme Theme › Weaver Xtreme plus preventing access to backend ?
- This topic has 4 replies, 3 voices, and was last updated 1 week ago by debbietomkies.
March 15, 2023 at 18:51 UTC - Views: 25 #72066debbietomkiesParticipant
Just to begin by saying that we have been using Weaver since the late 2000s and have always been really happy with it. We are using Weaver in a child theme (1.0) and the main theme (5.0.7) is up to date.
Here’s a shorthand background to the above question:
- On 9 March we were blacklisted by google due to malware on our site. We did the following:
- Contacted our webhost (ionos), paid for their site scan + repair service and Domain Guard. No issues were identified.
- Scanned with Wordfence (free version) – no issues identified.
- Sent a review request to Google which was rejected. In their view malware was still present.
- We signed up to siteguarding who did a full scan and repair of our site. Some files were cleaned and it was re-submitted to Google. No response as yet.
In the meantime, we had a notification from Ionos that our php was out of date so I upgraded to php 8.1 (we have mysql 5.7). Shortly afterwards, we could not log in to the backend of the site on any browser. We could get to the wordpress login screen but the password wouldn’t work and we couldn’t reset as the reset function wasn’t sending a reset password. I deleted wordfence 2fa to see if that was the issue but no, still the same issue. I also tried wordpress recovery mode but that wouldn’t work either. We just got a ‘this site has a critical error’ message.
I contacted Ionos who also couldn’t find a way to enable us to access the backend but the front end on Edge has looked fine throughout. Ionos, I think, did a clean install of WordPress, reinstated the content, de-activated ‘plus’ plugin and switched us to Twenty Twenty Two theme. They said that the theme was preventing access to the backend.
I haven’t tried rolling back php to the earlier version to see if that is the issue causing an incompatibility with Weaver. I also haven’t re-activated Weaver or the plus plugin in case I lose access again. As you might imagine, the site now looks like a dog’s dinner and Ionos very helpfully suggested the best option was to rebuild the website from scratch (!).
To be honest, I’m not convinced Weaver is the issue but if it could be a php thing or anything else, any advice would be much appreciated. If it’s a compatibility thing, I’d just rather know at this point. What with this and the blacklisting I’m pretty much ready to head for the nearby canal!
Sorry for the long post and thanks for reading this far. There’s nothing I can screenshot as I can’t see the site from the backend if I re-activate Weaver and I don’t even have error messages to share 🙁March 15, 2023 at 19:34 UTC - Views: 23 #72068March 15, 2023 at 20:23 UTC - Views: 19 #72073WeaverKeymaster
The latest beta versions of Weaver Xtreme (6.1.10) and WP repository version of Weaver Xtreme Theme Support have been tested to PHP 8.1. The Weaver Xtreme Plus works with 8.1, but hasn’t had a full test with 8.1. PHP 7.4 for sure works with almost every WP theme and plugin. But the PHP versoin is unlikely to be the issue.
I would try with those versions.
Not being able to log in sounds almost like a database hack which is not easy to recover from.
But if you get to the point of being able to login to you site with some WP theme (2022 is not the best choice as it is a block theme but Maybe something like 2012), then I’d deactivate ALL plugins.
At this point, you should be able to access everything. If your contents seems to be there, and your defined menus are still there, then you can start adding plugins in back.
Then use the WP export tool (which will require adding the export tool plugin) to same all of your pages and posts.
The hardest part of “fresh” start is losing all of your media links) and menu definitions. But you goal would be to try to be sure you database isn’t corrupted.
On the other hand, the better hosting companies should be able to restore for an earlier, pre-hack version of your site.March 15, 2023 at 21:36 UTC - Views: 16 #72075scramblerModerator
And first test without the child theme to separate potential issuesMarch 17, 2023 at 19:40 UTC - Views: 9 #72090debbietomkiesParticipant
Thanks for such a quick and detailed reply – I’m busy putting your suggestions into practice (and hoping against hope it isn’t a database hack!). Interesting point about the block theme as the webhost did try 2022. I’ll dig deep and find 2012!
- You must be logged in to reply to this topic.