Fatal error Failed opening required wordfence waf.php  - ❌ PHP Fatal error:  Unknown: Failed opening required wordfence-waf.php

❌ PHP Fatal error: Unknown: Failed opening required wordfence-waf.php

After migrating a WordPress website ot another cPanel account, the website displayed 500 error, and the following was recorded inside the error_log file: [17-Aug-2022 12:46:18 Europe/Belgrade] PHP Fatal error: Unknown: Failed opening required ‘/home/XXXXX/XXXXX.com/wordfence-waf.php’ (include_path=’.:/opt/alt/php74/usr/share/pear’) in Unknown on line 0 WordFence adds rules to .htaccess file to include the wordfence-waf.php file by full path: php_value … Read full article →

WordPress .htaccess file - WordPress .htaccess file examples

WordPress .htaccess file examples

The .htaccess file is a configuration file that is used by the Apache web server to control various aspects of how the server functions. In WordPress, the .htaccess file is used to control various settings related to the permalinks of your website, as well as to protect your website from various types of attacks. The … Read full article →

Looks like somethings gone wrong. Wait a couple seconds, and then try again.

⚠️ Looks like something’s gone wrong. Wait a couple seconds, and then try again.

When editing the menu in customizer the changes failed to save with the error message: Looks like something’s gone wrong. Wait a couple seconds, and then try again. And when inspecting the page the following error appears: POST http://plugins.club/wp-admin/admin-ajax.php 403 (Forbidden) The 403 error is caused by something blocking access to the file such as … Read full article →

Enable HSTS Preload for a WordPress website - Enable HSTS Preload for a WordPress website

Enable HSTS Preload for a WordPress website

To enable HSTS Preload on a WordPress website (https://hstspreload.org/?domain=wpxss.com) you need to add the following code snippet in the .htaccess file: If you have access to the server settings *(You are using a VPS or DEDICATED server) then you can enable it server-wide for all domains by adding the snippet to the /etc/apache2/conf.d/includes/pre_main_global.conf file TIP: … Read full article →

Remove cronjobs from AnonymousFox malware - 🔴 FoxAuto WordPress malware

🔴 FoxAuto WordPress malware

The AnonymousFox Hack guide by Sucuri misses a huge step in cleaning a hacked WordPress website, and that step is: removing the cronjobs While removing AnonymousFox malware from a website I noticed the following cron: It downloads a script from http://hello.hahaha666.xyz/xxxd and runs it, the script is: It creates a new folder css and replaces … Read full article →