@girish said in ECONNREFUSED:

@MarchinBunny there was a malware in WordPress. Something like https://stackoverflow.com/questions/76268370/wordpress-error-because-mo-files-inside-wp-include .

Exactly, what I expected right from the start of the thread.

But there are lots of plugins in your site, it could be anything.

And, yes some malware could be running in the background for years before one find out.

@RazielKanos said in Malware in my Wordpress:

Once a system was infected it is best to set up everything new

And above all, DO NOT install themes and/or plugins which provenance is doubtful.
In WordPress this is 99% the source of 'malware' problems.

@therealwebmaster See https://docs.cloudron.io/apps/wordpress-developer/#php-settings

@RazielKanos 👍 or rename to say .htaccess-backup, then compare new to old.

@marcusquinn I use these commands, via Terminal MySQL Access:

//display active users select user_login, user_nicename, display_name from wp_users; //change user_nicename UPDATE wp_users SET user_nicename = 'myusername' WHERE user_nicename = 'admin'; //change user_login UPDATE wp_users SET user_login = 'myusername' WHERE user_login = 'admin'; //change display_name UPDATE wp_users SET display_name = 'myusername' WHERE display_name = 'admin'; //change user email UPDATE `wp_users` SET `user_email` = "myemail@email.com" WHERE `wp_users`.`user_login` = "myusername"; //change admin password UPDATE WORDPRESSDATABASE.wp_users SET user_pass = MD5('NEWPASSWORD') WHERE user_login = 'myusername';

@girish Thanks, that makes some memory-saving sense, too. My specific issue was just at having the addon enabled, but the plugin disabled, as it makes sense to have it on a live site that isn't being developed, but not during development.

@BrutalBirdie You're right, directory browsing is blocked at the server level. I just spotted these missing files and thought a simple no-harm way to cover the same for all instances.

@luckow Thanks! Hidden in plain sight 😅

I did quickly try checking documentation first, just not enough, I guess!

Wen CloudronGPT? 😁

@girish 👏👏👏

check out in the options table. I once had a hacked plugin that was writing executable code in the options table, and by that, it was able to reinstall itself again and again.

Well securing the page should be a matter of less than an hour. Just export those pages, make a fresh install and import the pages back in 🙂

Are you talking about https://docs.cloudron.io/apps/#data-directory or some other directory for data within Wordpress?

@humptydumpty Nothing to feel bad for. That's just how GPL works. Plenty of non-GPL platforms they could develop for and not benefit from the size of the market. Microsoft does just fine with a % of unlicensed users, it's just a marketing cost. At the end of the day utility and user counts is worth more. The plugin with 700,000 installs registering on wordpress.org will be getting ample monetisation opportunities. The one with 70 installs likely won't be worth any GPL site unlocking.

@ianhyzy
Update to 6.2 and that message should go away. Other control panels reported this as well but WP saw no need to act on it as there was no likely risk of it being exploited.

@p44 no idea

@d19dotca @girish

X theme, may also be called Pro

@girish WHOOP!! deleteing object-cache.php solved it! Thank you so much!!!

This is how I do it, personally.

Though I delete the dev.tld.com app when I no longer need it.

@p44 for me personally I wouldn't want that. When I use the clone feature, it clones an empty WP with a few basics installed to start the development process. When I migrate that to prod, I use duplicator, which does the heavy lifting and replacing.

It's mostly this way already. The credentials given to an app do not allow the app to operate outside the scope of the database. The app cannot drop the database as well. But it's allowed to do whatever it wants inside it's own database.