What is this WordPress error?

This is the web site I've had for years.

http://www.successdevelopmentservices.com/

It has always run very well. A couple days ago I looked at it to send the URL to a friend and suddenly I got an error that says "Parse error: parse error, unexpected '<' in /home/content/N/e/g/Negalith/html/index.php on line 15" as the only thing displayed in the browser.

I had not even made changes to it in months. When I log into the "back end" of Wordpress at wp-admin, that part seems to work just fine.

Any explanation?

8 Answers

  • Anonymous
    10 years ago
    Favorite Answer

    It appears that your Wordpress website has been hacked. I checked your Wordpress default login script and you can access your login page > yourdomainname/wp-login.php. Also I can view the yourdomainname/sitemap.xml for your site. So this tells me that it is not a website sitewide problem, i.e. files or folders moved, or PHP wide or SQL wide problem. It is an isolated code error. I have seen this parse error a million times before on hacked Wordpress websites. 99.99% sure that this was an XSS - Cross Site Scripting attack, which will inject malicious code into any vulnerable php pages or .js files on your Wordpress website that are not protected by an .htaccess file that contains Query String Filter code to block malicious XSS code exploits. I have added the .htaccess file below that I use on all of my websites and all of my clients' websites. It is 100% effective at blocking XSS Query String Exploits.

    The damage is already done to your Wordpress website so now you have some repair work ahead of you. I see that the site is hosted on GoDaddy. GoDaddy has an automated backup system that backs up your entire website on a regular basis. It is very similar to an XP System restore, i.e. a calendar with a restore point (calendar date) that you pick to restore from. It is kind of confusing if you have never done a GoDaddy restore from backup before. I recommend you have a GoDaddy Tech walk you through it. Anyway basically what happens is you are copying backed up website files from a GoDaddy server backup location to your current site in a new folder. Since they will be copied to a new folder you will then have to manually copy those files and folders - overwriting your hacked or damaged Wordpress website files. The extra step is intentional - done this way to protect you and GoDaddy from accidentally performing an automatic restore and overwriting your website files by mistake.

    Most likely your Wordpress SQL database has been compromised as well. Instead of trying to explain what you will need to do here to fix that I definitely recommend you contact GoDaddy Tech support to have them check your Wordpress SQL DB. Typically an additional table is created by hackers instead of getting into your main WP SQL DB. It acts as a piggy back DB table and I guess just as a joke usually has a name that contains "piggy" in it. Silly stuff these guys do I swear.

    CAUTION: this .htaccess file code is only for Wordpress websites installed at the root of the domain. Add your folder name / path to the RewriteBase and Rule if your site is not installed in the root. For HTML sites just replace index.php with index.html.

    CAUTION: this is a very restrictive .htaccess file that interferes with a couple of admin functions because the Query filter detects the execution of those commands as attack threats and they are blocked. Those areas are configuring Widgets and Installing new Plugins. What I am doing for now, until I write a Wordpress plugin to automate this, is to have 2 .htaccess files on the site root domain: 1 named secure.htaccess and one named default.htaccess. To enable either one you just remove the first part of the file name so that what you have left is just .htaccess. This is a bit of a minor nuisance for now until I write that WP plugin, but consider the alternative - hours of fixing your hacked website. ;( I have not decided on a name for the Wordpress Plugin that I will be writing in the near future so I can't tell you what to look for in the near future. Maybe WP-LockDown or WP-BulletProof? If you want you can register at my site and when I release my new plugin I will email anyone who has registered at my site. I HATE SPAMMERS so the only time you will ever get an email from me is if you requested for me to contact you. Anyway my website is here http://www.ait-pro.com

    # BEGIN WordPress STANDARD WP MOD REWRITE
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress

    # FILTER REQUEST METHODS
    <IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]
    RewriteRule ^(.*)$ - [F,L]
    </IfModule>

    # QUERY STRING EXPLOITS BLOCKS XSS ATTACKS
    <IfModule mod_rewrite.c>
    RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
    RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
    RewriteCond %{QUERY_STRING} tag\= [NC,OR]
    RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
    RewriteCond %{QUERY_STRING} http\: [NC,OR]
    RewriteCond %{QUERY_STRING} https\: [NC,OR]
    RewriteCond %{QUERY_STRING} mosConfig [NC,OR]
    # Literal brackets, parentheses, angle brackets, quotes, ; ? and *
    RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|'|"|;|\?|\*).* [NC,OR]
    # HTML-entity forms of " ' < > \ { |
    RewriteCond %{QUERY_STRING} ^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
    RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC]
    # Any condition above matching returns 403 Forbidden
    RewriteRule ^(.*)$ - [F,L]
    </IfModule>

    *** the .htaccess file (2 separate files) can be put on the root of your domain and in your /wp-admin folder if you want. If you don't do this the root .htaccess file will carry over to /wp-admin
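
An added example, not part of the answer above or of the answerer's own code: a small Python harness that evaluates requests against the answer's request-method and query-string conditions, so you can see which condition rejects a URL before deploying the file, including the kind of false positives the second CAUTION describes. The sample requests are constructed, and the entity condition is assumed to be written as `&#x22;`-style HTML entities.

```python
import re

# Conditions copied from the answer's query-string block, in file order.
# mod_rewrite applies each as an unanchored, case-insensitive ([NC]) search;
# the [OR] flags mean the first hit sends 403 Forbidden ([F]).
CONDITIONS = [
    r"\.\.\/", r"boot\.ini", r"tag\=", r"ftp\:", r"http\:", r"https\:",
    r"mosConfig",
    r"^.*(\[|\]|\(|\)|<|>|'|\"|;|\?|\*).*",
    r"^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).*",  # assumed form
    r"^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).*",
    r"^.*(globals|encode|localhost|loopback).*",
    r"^.*(request|select|insert|union|declare|drop).*",
]
RULES = [(p, re.compile(p, re.IGNORECASE)) for p in CONDITIONS]
BLOCKED_METHOD = re.compile(r"^(TRACE|DELETE|TRACK)", re.IGNORECASE)


def evaluate(method, query_string):
    """Return (status, reason): 403 plus the matching rule, or (200, None)."""
    if BLOCKED_METHOD.search(method):
        return 403, "method " + method
    for pattern, rx in RULES:
        if rx.search(query_string):
            return 403, pattern
    return 200, None


# Constructed sample requests (method, raw query string); not real traffic.
SAMPLES = [
    ("GET", "p=123"),                                     # ordinary permalink
    ("GET", "tag=news"),                                  # tag archive query
    ("GET", "s=how+to+select+a+theme"),                   # site search
    ("GET", "redirect_to=http://example.com/wp-admin/"),  # unencoded redirect
    ("GET", "file=../../boot.ini"),                       # traversal pattern
    ("TRACE", ""),                                        # filtered method
]


def report(samples=SAMPLES):
    """Evaluate every sample; returns (method, query, status, reason) rows."""
    return [(m, q) + evaluate(m, q) for m, q in samples]


if __name__ == "__main__":
    for method, qs, status, reason in report():
        print(f"{status} {method:5} ?{qs:42} {reason or ''}")
```

Three of the rejected samples are ordinary site traffic (a tag archive, a search containing "select", an unencoded redirect parameter), which is why a keyword blacklist like this needs to be tested against your own URLs first.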

  • 4 years ago

    Well. 1. Do you have the newest version of WordPress? If not, that may be your problem. 2. Is the theme compatible with your version of WordPress (will say on download page)? If not, that may be your problem. I suggest looking at the page where you downloaded the theme and checking if it's compatible, and if it isn't, download a version of WordPress that is compatible.

  • 4 years ago

    Did you edit something in your WordPress code? Like in the .CSS file or in some other file? If the code of your WordPress file is not correct, it will show an error. Thanks.

  • 3 years ago

    It may be hacking. Try to secure your site with anti-spamming plugins. Use a powerful password.

  • Maybe you were hacked? Maybe a coworker made a change that broke it?

    Use FTP software to log into your hosting and find the index.php page. Has the date changed? If so, then:

    a) backup the damaged page to your computer so you can examine what went wrong

    b) upload the good copy from your computer. You do have the site backed up, right?

  • 10 years ago

    Open up the theme editor and look at the templates. Something has changed, and not for the better.

    If you have a backup copy of the theme, try switching to another theme first and then to the backup copy.

  • 5 years ago

    Restore a last backup if you have one, as I believe it has been hacked.

  • 10 years ago

    Can you please post a few lines of code around line 15?
