What’s the security risk in password recovery attempts

Over the last few days I’ve received multiple password recovery attempts for a WordPress user. The user didn’t initiate these attempts.

I’m blocking the IPs on the server, but I don’t see what the goal of the attacker is. I checked the mails the user receives, and they contain a valid password reset link (so no phishing attempt).

So I don’t really understand what the attacker is trying to achieve with these password recovery requests. Or are they just checking for vulnerabilities on that page?

Author: Coder14
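
One way to measure the reset traffic described in the question above, as an added example that is not part of the original post: it tallies submitted WordPress lost-password forms per client IP from a combined-format access log and reports IPs that exceed a threshold inside a sliding window. The log lines, IP addresses, threshold and window are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined log format: ip - user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def is_reset_request(method, path):
    """True for a submitted lost-password form (a POST), not a page view."""
    base, _, query = path.partition("?")
    return (method == "POST" and base.endswith("/wp-login.php")
            and "action=lostpassword" in query.split("&"))

def reset_bursts(lines, threshold=3, window=timedelta(minutes=10)):
    """Return {ip: peak count} for IPs with >= threshold resets in any window."""
    times = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_reset_request(m["method"], m["path"]):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        times[m["ip"]].append(ts)
    flagged = {}
    for ip, stamps in times.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # drop stamps older than window
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged

# Constructed sample lines (documentation IP ranges, not taken from the page).
_L = '{} - - [12/Jul/2019:{} +0000] "{} {} HTTP/1.1" {} 0 "-" "-"'
_RESET = "/wp-login.php?action=lostpassword"
SAMPLE = [
    _L.format("203.0.113.7", "10:00:01", "POST", _RESET, 302),
    _L.format("203.0.113.7", "10:02:30", "POST", _RESET, 302),
    _L.format("198.51.100.20", "10:03:00", "GET", _RESET, 200),   # page view
    _L.format("203.0.113.7", "10:04:10", "POST", _RESET, 302),
    _L.format("198.51.100.20", "10:05:00", "POST", _RESET, 302),  # single reset
    _L.format("192.0.2.44", "10:06:00", "POST", "/wp-login.php", 200),  # login
    _L.format("203.0.113.7", "11:30:00", "POST", _RESET, 302),    # outside window
]
```

The target account is sent in the POST body, so an access log alone shows which clients are requesting resets, not which user they name.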

After restoring a WordPress website from a backup, it’s displaying the default theme page, not mine

I have a website made with WordPress; it uses the OneTone-Pro theme. I have several backups from different months. I’ve just created a new database, restored the database from a .sql file, then copied all the files to a directory on my webserver. When I visit the website it displays the default page that comes with OneTone-Pro, not my website.

Author: Stephen H. Anderson

WordPress website hosted on nginx ubuntu isn’t loading anymore

I just found out the WordPress website isn’t running anymore. When opening example.in, it simply shows the text Error establishing a database connection. The WP website is in the folder /var/www/examplewp

I have other non-PHP based websites running smoothly on the same server. Even xxx.example.in, which is a non-PHP based website, is working.

I tried opening files such as example.in/readmore.html or example.in/hello.txt which I created in the base folder of the WP and that’s working.

Here are the details:

php -v

PHP 7.2.19-0ubuntu0.18.10.1 (cli) (built: Jun  4 2019 14:46:43) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.19-0ubuntu0.18.10.1, Copyright (c) 1999-2018, by Zend Technologies

uname -a

Linux ubuntu-s-1vcpu-1gb-blr1-01 4.18.0-25-generic #26-Ubuntu SMP Mon Jun 24 09:32:08 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

This is my xxx_nginx.conf file

server {
        server_name example.in www.example.in;
        root /var/www/examplewp;
        access_log /var/log/nginx/wp_client_access.log;
        error_log /var/log/nginx/wp_client_error.log;

        location / {
                index   index.php index.html;
                #try_files      $uri $uri/ /index.php?$args;
        }

        # Specify a charset
        charset                         utf-8;
        # GZIP
        gzip                            off;

        # Add trailing slash to */wp-admin requests.
        rewrite /wp-admin$ $scheme://$host$uri/ permanent;

        # Prevents hidden files (beginning with a period) from being served
        location ~ /\. {
                access_log                      off;
                log_not_found                   off;
                deny                            all;
        }

        # Static assets: no logging, far-future expiry
        location ~* ^.+\.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
                access_log                      off;
                log_not_found                   off;
                expires                         max;
        }

        # Pass all .php files onto a php-fpm or php-cgi server
        location ~ \.php$ {
                try_files                       $uri =404;
                include                         /etc/nginx/fastcgi_params;
                fastcgi_read_timeout            3600s;
                fastcgi_buffer_size             128k;
                fastcgi_buffers                 4 128k;
                fastcgi_param                   SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_pass                    unix:/run/php/php7.2-fpm.sock;
                fastcgi_index                   index.php;
        }

        # ROBOTS
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        # Never execute PHP from upload directories
        location ~* /(?:uploads|files)/.*\.php$ {
                deny all;
        }

        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/example.in/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/example.in/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

# Redirect plain HTTP to HTTPS
server {
        if ($host = www.example.in) {
                return 301 https://$host$request_uri;
        } # managed by Certbot

        if ($host = example.in) {
                return 301 https://$host$request_uri;
        } # managed by Certbot

        server_name example.in www.example.in;
        listen 80;
        return 404; # managed by Certbot
}

I tried restarting the server with sudo service nginx restart but it doesn’t help. Even the HTML or TXT files aren’t opening. I tried with the command line sudo service php7-fpm restart but got the response:

Failed to restart php7-fpm.service: Unit php7-fpm.service not found.

I can open the info.php file, though, which has the phpinfo(); and see all the PHP-related files.

I also checked the error log but it’s empty: /var/log/nginx/wp_client_error.log

I tried restarting MySQL with this command line: sudo /etc/init.d/mysql start and got the following error:

[....] Starting mysql (via systemctl): mysql.serviceJob for mysql.service failed because the control process exited with error code.
See "systemctl status mysql.service" and "journalctl -xe" for details.

Author: Nikita Gupta