About gwfisher
Rank 55972
317 followers Joined March 2014
Hello everyone! I am a retiree from the mortgage industry feeling guilty when my wife leaves for work and I face a day of unwanted

Posts

0

Questions

6

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training
asked in
Everything Wordpress
Updated

Since 10:20am today and every two minutes since (it is now 5:00pm) Something/Someone has attempted to login into my site (unsucessfully). The count is now 376 attempts and still go

If you are using the Limit Login Attempts plugin, you should be able to see if the attempts are made by IP addresses or a domain, and then block them.

I agree that at this point, putting in a WA hosting support ticket is your best option. ~ Jude

Thanks Jude. Please see the Support solution in my reply to Trialynn below. They are awesome and very quick in isolating ans resolving my problem.

Happened to me too, but it was only 26 times. I strengthened my password to national security level and akismet kept me in touch with what was going on.
My Server, Bluehost, also started blocking IP addresses from the intruder.

It is now 5:50pm and another 20 attempts. There has been no breach as each attempt was blocked and I have checked to make sure no new users have crept into the backend and there has been no spam entries either. Just annoying more than anything and I just wish I knew how to stop it. Thanks for taking the time to reply. Maybe I should send a support ticket to WA as they are the host.

You might want to try this plugin too:

Limit Login Attempts 2.0beta3

devel.kostdoktorn.se
Pages
Cache Translation Object
Limit Login Attempts
Categories
beta (2)
deprecated (1)
performance (4)
plugins (7)
WordPress (9)
Archives
October 2009
Blogroll
Kostdoktorn
Meta
Log in
Limit Login Attempts
A WordPress plugin

Loginscreen during lockout
Loginscreen during lockout
Limit rate of login attempts, including by way of cookies, for each IP. Fully customizable.

Description
Limit the number of login attempts possible both through normal login as well as using auth cookies.

By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

Features
Limit the number of retry attempts when logging in (for each IP). Fully customizable
Limit the number of attempts to log in using auth cookies in same way
Informs user about remaining retries or lock out time on login page
Optional logging, optional email notification
Handles server behind reverse proxy
Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish

Plugin uses standard actions and filters only.

Download
You can always find the latest version to download here.

Installation
Download and extract plugin files to a folder in your wp-content/plugin directory.
Activate the plugin through the WordPress admin interface.
Customize the settings from the options page, if desired. If your server is located behind a reverse proxy make sure to change this setting.
Requires at least WordPress 2.8, tested up to WordPress 3.1-RC4.

Screenshots
Loginscreen after failed login with retries remaining
Loginscreen during lockout
Administration interface in WordPress 2.7
FAQ
Why not reset failed attempts on a successful login?
This is very much by design. Otherwise you could brute force the “admin” password by logging in as your own user every 4th attempt.
What is this option about site connection and reverse proxy?
A reverse proxy is a server in between the site and the Internet (perhaps handling caching or load-balancing). This makes getting the correct client IP to block slightly more complicated.The option default to NOT being behind a proxy — which should be by far the common case.
How do I know if my site is behind a reverse proxy?
You probably are not or you would know. We show a pretty good guess on the option page. Set the option using this unless you are sure you know better.
What do I do if I get a notice about it being unable to replace wp_get_current_user()?
Limit Login Attempts no longer replaces any pluggable functions.
Why write a new plugin instead of using Login Lockdown?
When looking at it I was not satisfied with how Login Lockdown solved the technical issues.Then I also found a number of ways to improve things: handle auth cookies login, show users how many login attempts remained and for how long they are locked out. Have the option to notify the admin about lockdowns.

I have the "Limit Login Attempts" plugin and it has recorded 2,873 lockouts since this am and blocked 29 IPs. Yet the attempts are still going on. My email has now received over 420 warning messages from WordPress. I will submit a support ticket to WA and see if they can stop this madness. I have also contacted a "Fiverr" tech to look into it but he hasn't responded to my "gig" as yet. Thanks again for sharing your ideas.

I wish you the very best in dealing with this problem! Let me know how tech support does in helping you resolve it please.

Tech support was great! Stupid of me not to contact them before reaching out to the community. Problem was an xmlrpc.php attack (whatever that is) which they disabled very quickly. Cudos to them and to you and Jude as well for stepping up.

Glad it is resolved. The xmlrpc is the pingback function in WordPress, which has known vulnerabilities.

I do not allow pingbacks and trackbacks from other blogs. This can be turned off in the Discussion settings. I don't think that would entirely prevent the problem but perhaps minimizes it.

There is a plugin that removes the vulnerable part of the xmlrpc. I don't use it, so I can't vouch for it. If it happens again, you can look into it below, however, I imagine WA hosting probably took care of that for you already.

http://wordpress.org/support/view/plugin-reviews/disable-xml-rpc-pingback

Let's hope the WP version 4.0 release will addresses this issue. The vulnerability has been around for a long time. ~Jude

See more comments

Three hundred seventy six failed login attempts what gives?

Three hundred seventy six failed login attempts what gives?

asked in
Everything Wordpress
Updated

Since 10:20am today and every two minutes since (it is now 5:00pm) Something/Someone has attempted to login into my site (unsucessfully). The count is now 376 attempts and still go

If you are using the Limit Login Attempts plugin, you should be able to see if the attempts are made by IP addresses or a domain, and then block them.

I agree that at this point, putting in a WA hosting support ticket is your best option. ~ Jude

Thanks Jude. Please see the Support solution in my reply to Trialynn below. They are awesome and very quick in isolating ans resolving my problem.

Happened to me too, but it was only 26 times. I strengthened my password to national security level and akismet kept me in touch with what was going on.
My Server, Bluehost, also started blocking IP addresses from the intruder.

It is now 5:50pm and another 20 attempts. There has been no breach as each attempt was blocked and I have checked to make sure no new users have crept into the backend and there has been no spam entries either. Just annoying more than anything and I just wish I knew how to stop it. Thanks for taking the time to reply. Maybe I should send a support ticket to WA as they are the host.

You might want to try this plugin too:

Limit Login Attempts 2.0beta3

devel.kostdoktorn.se
Pages
Cache Translation Object
Limit Login Attempts
Categories
beta (2)
deprecated (1)
performance (4)
plugins (7)
WordPress (9)
Archives
October 2009
Blogroll
Kostdoktorn
Meta
Log in
Limit Login Attempts
A WordPress plugin

Loginscreen during lockout
Loginscreen during lockout
Limit rate of login attempts, including by way of cookies, for each IP. Fully customizable.

Description
Limit the number of login attempts possible both through normal login as well as using auth cookies.

By default WordPress allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be brute-force cracked with relative ease.

Limit Login Attempts blocks an Internet address from making further attempts after a specified limit on retries is reached, making a brute-force attack difficult or impossible.

Features
Limit the number of retry attempts when logging in (for each IP). Fully customizable
Limit the number of attempts to log in using auth cookies in same way
Informs user about remaining retries or lock out time on login page
Optional logging, optional email notification
Handles server behind reverse proxy
Translations: Bulgarian, Brazilian Portuguese, Catalan, Chinese (Traditional), Czech, Dutch, Finnish, French, German, Hungarian, Norwegian, Persian, Romanian, Russian, Spanish, Swedish, Turkish

Plugin uses standard actions and filters only.

Download
You can always find the latest version to download here.

Installation
Download and extract plugin files to a folder in your wp-content/plugin directory.
Activate the plugin through the WordPress admin interface.
Customize the settings from the options page, if desired. If your server is located behind a reverse proxy make sure to change this setting.
Requires at least WordPress 2.8, tested up to WordPress 3.1-RC4.

Screenshots
Loginscreen after failed login with retries remaining
Loginscreen during lockout
Administration interface in WordPress 2.7
FAQ
Why not reset failed attempts on a successful login?
This is very much by design. Otherwise you could brute force the “admin” password by logging in as your own user every 4th attempt.
What is this option about site connection and reverse proxy?
A reverse proxy is a server in between the site and the Internet (perhaps handling caching or load-balancing). This makes getting the correct client IP to block slightly more complicated.The option default to NOT being behind a proxy — which should be by far the common case.
How do I know if my site is behind a reverse proxy?
You probably are not or you would know. We show a pretty good guess on the option page. Set the option using this unless you are sure you know better.
What do I do if I get a notice about it being unable to replace wp_get_current_user()?
Limit Login Attempts no longer replaces any pluggable functions.
Why write a new plugin instead of using Login Lockdown?
When looking at it I was not satisfied with how Login Lockdown solved the technical issues.Then I also found a number of ways to improve things: handle auth cookies login, show users how many login attempts remained and for how long they are locked out. Have the option to notify the admin about lockdowns.

I have the "Limit Login Attempts" plugin and it has recorded 2,873 lockouts since this am and blocked 29 IPs. Yet the attempts are still going on. My email has now received over 420 warning messages from WordPress. I will submit a support ticket to WA and see if they can stop this madness. I have also contacted a "Fiverr" tech to look into it but he hasn't responded to my "gig" as yet. Thanks again for sharing your ideas.

I wish you the very best in dealing with this problem! Let me know how tech support does in helping you resolve it please.

Tech support was great! Stupid of me not to contact them before reaching out to the community. Problem was an xmlrpc.php attack (whatever that is) which they disabled very quickly. Cudos to them and to you and Jude as well for stepping up.

Glad it is resolved. The xmlrpc is the pingback function in WordPress, which has known vulnerabilities.

I do not allow pingbacks and trackbacks from other blogs. This can be turned off in the Discussion settings. I don't think that would entirely prevent the problem but perhaps minimizes it.

There is a plugin that removes the vulnerable part of the xmlrpc. I don't use it, so I can't vouch for it. If it happens again, you can look into it below, however, I imagine WA hosting probably took care of that for you already.

http://wordpress.org/support/view/plugin-reviews/disable-xml-rpc-pingback

Let's hope the WP version 4.0 release will addresses this issue. The vulnerability has been around for a long time. ~Jude

See more comments

asked in
Website Development & Programming
Updated

I own 2 domain names with different keywords but addressing the same niche. Only one is active and has content. Does it make sense and is it possible to activate the non-content

Personally I would 'forward' the domain not in use, it doesn't cost anything to do that.

Thanks Russ for the reply. Getting mixed signals. Some have messaged me that a "redirect" is useless unless the unused domain had previous content and links. Guess I'll just do nothing at this time.

See more comments

Can you redirect a non content domain to a different domain?

Can you redirect a non content domain to a different domain?

asked in
Website Development & Programming
Updated

I own 2 domain names with different keywords but addressing the same niche. Only one is active and has content. Does it make sense and is it possible to activate the non-content

Personally I would 'forward' the domain not in use, it doesn't cost anything to do that.

Thanks Russ for the reply. Getting mixed signals. Some have messaged me that a "redirect" is useless unless the unused domain had previous content and links. Guess I'll just do nothing at this time.

See more comments

asked in
The Wealthy Affiliate Platform
Updated

At some point in the middle of the night a hacker, bot, whatever, infiltrated my WordPress site, made themselves an authorized user and inserted a post. Then, all of my subscribers

It seems my site has been completely taken over? I can not even log in, it redirects me to some useless page. I can not even get into my word press, nothing. How do I just delete everything when I can not get into the site? I try even from here, where it is being hosted from and I can not get to it?

I would like to know how it got hacked when I am using wa for hosting and I have not ever changed the password, I log into the site from here. I am not happy right now at all

Please keep in mind that it is not WA that allows hackers. Hackers work on all hosting services. I have BlueHost and I usually get 1 attempt a day to hack my site.
I have the attempts set to 3, I think, and it makes it more difficult for hackers to get in. I also have a word not in the dictionary for a password and I have deleted admin as the username.

Hey Tria - Have now installed a login limit plugin, changed the user name, changed all passwords and managed to lock myself out after three attempts using a password that was missing a character! Is it any wonder that I am gray and balding. I think I will just concentrate on content and hire a real "administrator" that knows something about this
techie stuff. Thanks for the reply!

How about you install LastPass instead? It is a free Password keeper and relieves you of much struggle as it records the passwords as you enter them. Let me know if you are interested, I will give you a hand if you need it.

Tria - A quick follow-up to your LastPass suggestion. A friend suggested "1Password" which I have downloaded and begun populating with all of my myriad of passwords. Hopefully this will eliminate the embarrassment of being locked out of my own site!

To help prevent hackers getting into your site, you need a password that cannot be found in the dictionary. This means it will consist of upper case and lower case letters, numbers and symbols. Something like this- B6:uZ?9£cR
I also use a plugin called limit logins. You can set the amount of times to loggin, so if a bot or hacker tries to log in, they will be then locked out after a number of attempts.
I have my sites set to 4 attempts.
I regularly receive emails notyfying me of attempted logins, with the IP address that is attempting to hack my site.
Using this method above, I have never been hacked.

Thank you Pete for the advice. I will definitely look into the "limit logins" plugin.

Well the worst that can happen now if you have stopped your new users form being administrators the the worst you can get is unwanted content/porn etc.

Oh dear, I did not realize that you were using WA hosting. I certainly did not suggest that you buy the premium plugin the free one is fine. If you cannot get your money back the only thing I can suggest is that I can give you free hosting, and you can upload it there, as I feel partially responsible.

I can see the logic of having new users as administrators as default, but to ayone who has soe that they must go into settings general so that new subscribers can only become authors.

Should you want to have your own hosting pm me and I will set it up for you

Katherine, I tend to purchase the "premium" of most everything so not your fault. I think the recommendations you made are great and should WA allow another hacker on my site after I followed their instructions, then I will certainly look elsewhere for a new host.

Wordfence helps see my log post ad put it in, I will write a blog post tomorrow about wp security so keep your eyes peeled
Glad I could help

You need to do is check the permissions of the user's of your blog. An administrator can delete that whole blog, while a subscriber also has limited permissions.

Go to your WordPress dashboard

under plugins is a category called users, click on that and the submenu will appear click on all users and open up that page. You should see your name and your permissions as the administrator. If there are any other administrators you have not given permissions to delete them by clicking on the box next to them, going to the top of the page and use the drop-down menu to say delete all of them.
Assuming that there's no one here apart from you that means that they became a subscriber or author to check that

Go to settings
click the general tab,
read down the page until you see members leave that box unchecked and underneath that you will see the permissions of the new members. Make sure it doesn't say administrator.That stops ay hacker from doing massive damage/

The wordfence plugin is a plugin which tells you when people try to hack your blog. The plug-in will automatically lock down the IP address of anyone trying to hack into your blog after 20 attempts. It also emails you the IP address of the potential hacker. In an average day I get between three and 11 such emails. Download the plug-in here
http://www.wordfence.com/

Make sure your password is secure by using an online password generator. All my blogs have a 25 character password. When I set up the blog I put down on a text file the URL, the login details for the hosting and the login details for WordPress.

To secure your password go here
https://identitysafe.norton.com/password-generator
this site is owned by Symantec and make the Norton antivirus software.

Hope this helps, if this has not solved the problem then you need to make some more changes. However to write that here is too long please PM me if you have any further difficulties and I will happily tell you what to do.
p.s Askimet has absolutely othing to do with this.

Thank you Catherine for this very specific advice! The first thing I did was to go into the "Users" section and discovered this obviously fake name listed as a user and eliminated it.

I shall immediately follow up with the rest of your suggestions. I guess I should feel privileged that my little site has generated interest among the hacker community. Is this a sign of marketing success? Just kidding (I hate the use of LOL, by the way).

Again thank you, Catherine.

Katherine - a follow up.

I downloaded Wordfence (the security plugin you mentioned) even bought their premium issue. Couldn't get it to work and received error messages which suggested that my server needed to make changes to my site to effect the plugin.

WA is my server and their response to this problem was that they don't allow 3rd party security plugins (because they are redundant to their WP security measures). Additionally the support tech indicated this was a mistake on my part as "Settings" - "General" had "Administrator"
as the "New User Default Role".

As this was the default setting when I first opened up that section from my dashboard I never changed it.

SO - to any other newbies out there, please check your "Settings" - "General" section to make sure you change the "New User Default Role" to other than "Administrator".

Perhaps the blog you intend to write should mention that WA does not allow 3rd party security plugins.

Sorry to be so long winded!

First, make sure you change all the passwords to your wordpress account. Next, there are some plugins you can use for security. There are some really good ones.

which ones?

I'm going to display my tech ignorance. Are you referring to the password for my "admin" under "Users" which I have now changed. That is the only WP password section I have found.

Also, if you can recommend a specific security plug-in it would be greatly appreciated, otherwise I will search the plug-in directories for one that might work.

Thank you for your efforts on my behalf.

I dont have any on my sites, so cant recommend one :( But, if you type security into your plugin search you will get a nice list. Go with one that has 5 stars

Yep Yep... that is the password I was talking about. Glad you got it changed as well

Wow - and you had Askimet!
... I don't know how to help, but will be following this discussion.
Is your password safe? Maybe you might change that.

Changing the password seems to be a solution but not sure that will be a permanent fix. If they can hack through a password that was considered "very strong" by WP then they can probably hack through any other password.

See more comments

My site has been hacked now what?

My site has been hacked now what?

asked in
The Wealthy Affiliate Platform
Updated

At some point in the middle of the night a hacker, bot, whatever, infiltrated my WordPress site, made themselves an authorized user and inserted a post. Then, all of my subscribers

It seems my site has been completely taken over? I can not even log in, it redirects me to some useless page. I can not even get into my word press, nothing. How do I just delete everything when I can not get into the site? I try even from here, where it is being hosted from and I can not get to it?

I would like to know how it got hacked when I am using wa for hosting and I have not ever changed the password, I log into the site from here. I am not happy right now at all

Please keep in mind that it is not WA that allows hackers. Hackers work on all hosting services. I have BlueHost and I usually get 1 attempt a day to hack my site.
I have the attempts set to 3, I think, and it makes it more difficult for hackers to get in. I also have a word not in the dictionary for a password and I have deleted admin as the username.

Hey Tria - Have now installed a login limit plugin, changed the user name, changed all passwords and managed to lock myself out after three attempts using a password that was missing a character! Is it any wonder that I am gray and balding. I think I will just concentrate on content and hire a real "administrator" that knows something about this
techie stuff. Thanks for the reply!

How about you install LastPass instead? It is a free Password keeper and relieves you of much struggle as it records the passwords as you enter them. Let me know if you are interested, I will give you a hand if you need it.

Tria - A quick follow-up to your LastPass suggestion. A friend suggested "1Password" which I have downloaded and begun populating with all of my myriad of passwords. Hopefully this will eliminate the embarrassment of being locked out of my own site!

To help prevent hackers getting into your site, you need a password that cannot be found in the dictionary. This means it will consist of upper case and lower case letters, numbers and symbols. Something like this- B6:uZ?9£cR
I also use a plugin called limit logins. You can set the amount of times to loggin, so if a bot or hacker tries to log in, they will be then locked out after a number of attempts.
I have my sites set to 4 attempts.
I regularly receive emails notyfying me of attempted logins, with the IP address that is attempting to hack my site.
Using this method above, I have never been hacked.

Thank you Pete for the advice. I will definitely look into the "limit logins" plugin.

Well the worst that can happen now if you have stopped your new users form being administrators the the worst you can get is unwanted content/porn etc.

Oh dear, I did not realize that you were using WA hosting. I certainly did not suggest that you buy the premium plugin the free one is fine. If you cannot get your money back the only thing I can suggest is that I can give you free hosting, and you can upload it there, as I feel partially responsible.

I can see the logic of having new users as administrators as default, but to ayone who has soe that they must go into settings general so that new subscribers can only become authors.

Should you want to have your own hosting pm me and I will set it up for you

Katherine, I tend to purchase the "premium" of most everything so not your fault. I think the recommendations you made are great and should WA allow another hacker on my site after I followed their instructions, then I will certainly look elsewhere for a new host.

Wordfence helps see my log post ad put it in, I will write a blog post tomorrow about wp security so keep your eyes peeled
Glad I could help

You need to do is check the permissions of the user's of your blog. An administrator can delete that whole blog, while a subscriber also has limited permissions.

Go to your WordPress dashboard

under plugins is a category called users, click on that and the submenu will appear click on all users and open up that page. You should see your name and your permissions as the administrator. If there are any other administrators you have not given permissions to delete them by clicking on the box next to them, going to the top of the page and use the drop-down menu to say delete all of them.
Assuming that there's no one here apart from you that means that they became a subscriber or author to check that

Go to settings
click the general tab,
read down the page until you see members leave that box unchecked and underneath that you will see the permissions of the new members. Make sure it doesn't say administrator.That stops ay hacker from doing massive damage/

The wordfence plugin is a plugin which tells you when people try to hack your blog. The plug-in will automatically lock down the IP address of anyone trying to hack into your blog after 20 attempts. It also emails you the IP address of the potential hacker. In an average day I get between three and 11 such emails. Download the plug-in here
http://www.wordfence.com/

Make sure your password is secure by using an online password generator. All my blogs have a 25 character password. When I set up the blog I put down on a text file the URL, the login details for the hosting and the login details for WordPress.

To secure your password go here
https://identitysafe.norton.com/password-generator
this site is owned by Symantec and make the Norton antivirus software.

Hope this helps, if this has not solved the problem then you need to make some more changes. However to write that here is too long please PM me if you have any further difficulties and I will happily tell you what to do.
p.s Askimet has absolutely othing to do with this.

Thank you Catherine for this very specific advice! The first thing I did was to go into the "Users" section and discovered this obviously fake name listed as a user and eliminated it.

I shall immediately follow up with the rest of your suggestions. I guess I should feel privileged that my little site has generated interest among the hacker community. Is this a sign of marketing success? Just kidding (I hate the use of LOL, by the way).

Again thank you, Catherine.

Katherine - a follow up.

I downloaded Wordfence (the security plugin you mentioned) even bought their premium issue. Couldn't get it to work and received error messages which suggested that my server needed to make changes to my site to effect the plugin.

WA is my server and their response to this problem was that they don't allow 3rd party security plugins (because they are redundant to their WP security measures). Additionally the support tech indicated this was a mistake on my part as "Settings" - "General" had "Administrator"
as the "New User Default Role".

As this was the default setting when I first opened up that section from my dashboard I never changed it.

SO - to any other newbies out there, please check your "Settings" - "General" section to make sure you change the "New User Default Role" to other than "Administrator".

Perhaps the blog you intend to write should mention that WA does not allow 3rd party security plugins.

Sorry to be so long winded!

First, make sure you change all the passwords to your wordpress account. Next, there are some plugins you can use for security. There are some really good ones.

which ones?

I'm going to display my tech ignorance. Are you referring to the password for my "admin" under "Users" which I have now changed. That is the only WP password section I have found.

Also, if you can recommend a specific security plug-in it would be greatly appreciated, otherwise I will search the plug-in directories for one that might work.

Thank you for your efforts on my behalf.

I dont have any on my sites, so cant recommend one :( But, if you type security into your plugin search you will get a nice list. Go with one that has 5 stars

Yep Yep... that is the password I was talking about. Glad you got it changed as well

Wow - and you had Askimet!
... I don't know how to help, but will be following this discussion.
Is your password safe? Maybe you might change that.

Changing the password seems to be a solution but not sure that will be a permanent fix. If they can hack through a password that was considered "very strong" by WP then they can probably hack through any other password.

See more comments

asked in
Everything Wordpress
Updated

Just finished 1st draft of 1st post (see http://thegolfingsenior.com/?p=62 for reference). At bottom of post immediately before "Leave Reply" with Captcha code is a series of block

unless you altered something this is likely to be theme wide- and you will need to edit your PHP files- there are tutorials on WA...good luck!

Thank you Nomda. Figured it out - had to do with a plugin. See reply to Fred.

cool, as is Fred for sure! A

I checked your website and noticed those extra "feedback" fields - may I suggest you create another quick test post and see if the same happens. If YES then it has to do with a global setting (I can't tell); If NO then I suggest you try delete every lines following your last post picture...hope this helps.

Spot on Fred. Test post did not have extra field. Problem was in Jetpack plugin with a contact form insert program which I triggered in error on this post. Deactivated this feature of Jetpack and problem went away. Much Thanks for pointing me in right direction.

See more comments

Two Areas for Comments on one post? What happened?

Two Areas for Comments on one post? What happened?

asked in
Everything Wordpress
Updated

Just finished 1st draft of 1st post (see http://thegolfingsenior.com/?p=62 for reference). At bottom of post immediately before "Leave Reply" with Captcha code is a series of block

unless you altered something this is likely to be theme wide- and you will need to edit your PHP files- there are tutorials on WA...good luck!

Thank you Nomda. Figured it out - had to do with a plugin. See reply to Fred.

cool, as is Fred for sure! A

I checked your website and noticed those extra "feedback" fields - may I suggest you create another quick test post and see if the same happens. If YES then it has to do with a global setting (I can't tell); If NO then I suggest you try delete every lines following your last post picture...hope this helps.

Spot on Fred. Test post did not have extra field. Problem was in Jetpack plugin with a contact form insert program which I triggered in error on this post. Deactivated this feature of Jetpack and problem went away. Much Thanks for pointing me in right direction.

See more comments

asked in
Everything Wordpress
Updated

My theme has one right sidebar. I don't want any widgets on the landing page. I have eliminated all of the default widgets that showed on the original layout except for one box tha

Please let me know what have you done to your site. Were you successful to remove that widget or you have allowed widgets to show on your website?

Hey Arka . As Welshy indicated, my theme will not allow me to eliminate all widgets in the sidebars. I can apparantly limit it to just one but I must have at least one or that generic "META" box will show. I am tired of looking and previewing hundreds of themes so I'll stick to this one. Thank for the interest.

You're seeing the meta widget because it's a theme default, if no widget are added it will load the default META widget.

Welshy, my friend you are absolutely correct. The template does not allow me to eliminate the sidebar entirely. So, despite my druthers, I will have to go with at least one sidebar to keep the template gods happy or change the template. Thank you!

You can change your page layout to a full screen layout. In page edit mode look on the right

http://waynewallace.s3.amazonaws.com/Edit_Page__My_Marketing_Hotline__WordPress_20140324_112310_20140324_112325.jpg

His theme doesn't come with any template selection.

Wayne, unfortunately, my template didn't offer this alternative. Thanks for all the advice given to the Community and to me.

I used a proxy to access your website. The meta widget is indeed there. Are you sure you have checked properly, you have to click the drop down button to open the sidebar widget area. How about you contact your website developer about the issue. And just for instance, the sidebar is fixed for both your homepage and any other post/pae whatsoever. Don't feel bad about the looks, you can check Kyle's website. It is just the same: http://waystoavoidscamsonline.com/

Thank you again Arka for taking your time to ponder this problem.

Your website is not opening up. Anyways I think the problem is in your widgets management section. You might have not removed the meta widget from the sidebar section.

That's the problem. The "Meta" widget is only showing under "Available Widgets" in far left column of dashboard page along with Search, Archives, Calendar, etc.and not under First or Second Sidebar headings in the right columns which has no widgets showing at all. The website opened for me when I clicked on the link below. Thanks for trying. I sincerely appreciate the effort.

Please mention your website link.

Beta site is www.seniorgolfersdonttakemulligans.com

See more comments

How do I eliminate all Widgets on Landing Page?

How do I eliminate all Widgets on Landing Page?

asked in
Everything Wordpress
Updated

My theme has one right sidebar. I don't want any widgets on the landing page. I have eliminated all of the default widgets that showed on the original layout except for one box tha

Please let me know what have you done to your site. Were you successful to remove that widget or you have allowed widgets to show on your website?

Hey Arka . As Welshy indicated, my theme will not allow me to eliminate all widgets in the sidebars. I can apparantly limit it to just one but I must have at least one or that generic "META" box will show. I am tired of looking and previewing hundreds of themes so I'll stick to this one. Thank for the interest.

You're seeing the meta widget because it's a theme default, if no widget are added it will load the default META widget.

Welshy, my friend you are absolutely correct. The template does not allow me to eliminate the sidebar entirely. So, despite my druthers, I will have to go with at least one sidebar to keep the template gods happy or change the template. Thank you!

You can change your page layout to a full screen layout. In page edit mode look on the right

http://waynewallace.s3.amazonaws.com/Edit_Page__My_Marketing_Hotline__WordPress_20140324_112310_20140324_112325.jpg

His theme doesn't come with any template selection.

Wayne, unfortunately, my template didn't offer this alternative. Thanks for all the advice given to the Community and to me.

I used a proxy to access your website. The meta widget is indeed there. Are you sure you have checked properly, you have to click the drop down button to open the sidebar widget area. How about you contact your website developer about the issue. And just for instance, the sidebar is fixed for both your homepage and any other post/pae whatsoever. Don't feel bad about the looks, you can check Kyle's website. It is just the same: http://waystoavoidscamsonline.com/

Thank you again Arka for taking your time to ponder this problem.

Your website is not opening up. Anyways I think the problem is in your widgets management section. You might have not removed the meta widget from the sidebar section.

That's the problem. The "Meta" widget is only showing under "Available Widgets" in far left column of dashboard page along with Search, Archives, Calendar, etc.and not under First or Second Sidebar headings in the right columns which has no widgets showing at all. The website opened for me when I clicked on the link below. Thanks for trying. I sincerely appreciate the effort.

Please mention your website link.

Beta site is www.seniorgolfersdonttakemulligans.com

See more comments

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training