Whatever that is, it’s not from WordPress, and definitely not the same as WordPress’s login, which looks like this: https://projectdmc.org/documentation/article/first-steps-with-wordpress-block-editor/#log-in
There is probably an index.html or home.html file in the same directory as the WordPress index.php file. Remove the index.html or home.html file, either via SFTP or FTP or a file manager in your hosting account’s control panel (consult your hosting provider’s documentation for specifics on these), and all should be fine.
If that doesn’t work, try editing your .htaccess file with with a plain text editor and add this to the top:
DirectoryIndex index.php index.html index.htm
Hello James,
I have done what you suggested with no impact at all. I have the feeling the request is somehow redirected before WordPress. Absolutely nothing that I change has any impact. In the folder I only have a file called _index.html (i totally changed name with no impact) and a index5.php which shows as changed yesterday morning at 4:30 but I haven’t changed anything to my website since months. Of course the index.php is there and it is the correct one.
Thank you for your help,
Mihai
- This reply was modified 17 hours, 33 minutes ago by mihaivasi.
What is the content of your .htaccess file?
If you can’t find a .htaccess file, ensure that you have set your SFTP or FTP client to view invisible files.
good morning,
here is my .htaccess
SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE “application/atom+xml” “application/javascript” “application/json” “application/ld+json” “application/manifest+json” “application/rdf+xml” “application/rss+xml” “application/schema+json” “application/vnd.geo+json” “application/vnd.ms-fontobject” “application/x-font-ttf” “application/x-javascript” “application/x-web-app-manifest+json” “application/xhtml+xml” “application/xml” “font/eot” “font/opentype” “image/bmp” “image/svg+xml” “image/vnd.microsoft.icon” “image/x-icon” “text/cache-manifest” “text/css” “text/html” “text/javascript” “text/plain” “text/vcard” “text/vnd.rim.location.xloc” “text/vtt” “text/x-component” “text/x-cross-domain-policy” “text/xml” SECTION BEGIN GIT PROTECTION
RedirectMatch 404 /.git SECTION END GIT PROTECTION BEGIN WPSuperCache The directives (lines) between BEGIN WPSuperCache
and END WPSuperCache
are dynamically generated, and should only be modified via WordPress filters. Any changes to the directives between these markers will be overwritten. END WPSuperCache Begin Really Simple Security
RewriteEngine on RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L] End Really Simple Security BEGIN WordPress Die Anweisungen (Zeilen) zwischen «BEGIN WordPress» und «END WordPress» sind dynamisch generiert und sollten nur über WordPress-Filter geändert werden. Alle Änderungen an den Anweisungen zwischen diesen Markierungen werden überschrieben.
RewriteEngine On RewriteRule .* – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] END WordPress
Hm, that should be fine too.
Is there any improvement if you deactivate all plugins except WP Super Cache and then clear the cache?
I renamed all subfolders in plugins folder and still no change
- This reply was modified 8 hours, 34 minutes ago by mihaivasi.
Create a file called test.html
in the main directory and try to call it up directly. If you cannot reach it, the request is actually being deflected before your hosting. In this case, I would recommend contacting your hoster’s support.
I have already change the index.php to a hello world and it worked.
now I’ve set https://oanasbeautyroom.ch/test.php and it works
there is a file that was edited yesterday morning called .hcontent (not by me) what is this file for?
thecontents
RewriteEngine On RewriteBase / RewriteRule ^index.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L]Order Allow,Deny Deny from all
Order Allow,Deny Allow from all
Sounds to me like a (probably not complete) hack of the website. This index5.php
is also an indication of this.
My recommendation therefore:
If nothing helps, I would recommend restoring the project from a clean backup. To do this, delete directories, files and database, then restore the backup. Then change all passwords, just to be on the safe side, and install all pending updates.
Also take a look at this article: https://projectdmc.org/documentation/article/hardening-wordpress/
I have the same feeling. I see a lot of files changed/created yesterday morning at 4:27
.hcontent
index5.php
gh.php
wp-term.php
wp-ver.php
all these files were not here before.. I don’t have them in my back ups
- This reply was modified 7 hours, 45 minutes ago by mihaivasi.
Then I would recommend using the backups and subsequent security measures as described above.
Thank you very much both for you help. I managed to recover it from an older back up. I will change all passwords now.
You may want to implement some (if not all) of the recommended security measures.