How to Quickly and Reliably Fix a Bug

Problem:

It may take you much effort to fix a bug. The fix may not be reliable. How can you avoid this situation?

Solution:
  1. Try to reliably reproduce the bug. It is okay if this may not be successful.
  2. Search for an existing solution using the error message, the library or framework name and version, and the operating system name and version. This can save us a lot of effort.
  3. Try to understand all the concepts in the error message.
  4. Debug and log messages to identify the exact location of the source code that causes the issue. In order to to this we need to do the followings.
    • Identifying the flow of the data, i.e. the use case, the entry point and the exit point.
    • Trying to understand the programming language syntax. Do not guess anything.
    • Trying to understand the purpose, inputs and outputs of a library function. Again, do not guess anything.
    • Trying to understand the data structure and a part of the database schema related to the use case.
    • Trying to review some values inside the database if possible.
    • Trying to understand the concepts, algorithms and architecture related to the use case.
    • These steps may be done in parallel and iteratively.
  5. Guess a cause of the problem based on the information retrieved in the third step.
  6. Try to isolate the issue, i.e. try to reproduce the issue using specific code and unit tests, if possible.
  7. Search for or propose a solution for the cause, i.e. propose a fix.
  8. Test the fix.
  9. Repeat from Step 5 to 8 if needed.

How to Fix a Hacked WordPress Website

Problem:

When you visit your WordPress website you are randomly redirected to unwanted websites.

Solution:
  • Log in your website as an Administrator.
  • Go to Appearance >> Theme Editor.
  • Click on the Theme Functions link on the right side.
  • Verify if malicious code was injected into the functions.php file.

Example of malicious code:

<?php
@ini_set('display_errors', '0');
error_reporting(0);
global $zeeta;
if (!$npDcheckClassBgp && !isset($zeeta)) {
  • If yes, then download the functions.php file to your machine via FTP, remove the malicious code, then upload it to your server.
  • If you have several themes in your website then activate them one by one and repeat the procedure for all of them.
  • Open the wp-config.php file.
  • Verify if malicious code was injected into the wp-config.php file.

Example of malicious code:

include_once(ABSPATH . WPINC . '/header.php');
  • If yes, then verify content of the wp-includes/header.php file, and possibly remove the wp-includes/header.php file, then remove the malicious code in the wp-config.php file.
  • Copy a small string of malicious code, for example npDcheckClassBgp, and search for it in the content of all the files using the commands (in Windows) below.
cd C:\inetpub\wwwroot
findstr /s "npDcheckClassBgp" *.*

where C:\inetpub\wwwroot is the path of the parent of your WordPress website.

  • If you find the string in any file then review the content of the file and remove the malicious code.
  • In Windows, stop the website using the command below.
net stop w3svc
  • Delete all the files and folders except the wp-content folder, the wp-config.php, .htaccess, and web.config file.
  • Review and remove all the suspicious contents in your wp-content directory.
  • Go to the wp-content\plugins folder.
  • Delete all the plugins, especially the plugins closed due to Guideline Violation.
  • Manually re-download and unzip all the necessary plugins.
  • Download the latest version of WordPress.
  • Unzip and copy the the latest version of WordPress to the root of your website.
  • In Windows, start the website using the command below.
net start w3svc
  • Log in your website as an Administrator.
  • Remove all the unused plug-ins or themes.
  • Install, activate and configure a CAPTCHA plug-in to protect Login Form, Registration Form, Lost Password Form, Reset Password Form and Comment Form if there is no one.
  • Disable insecure FTP access if there is one.
  • Install and activate the Simple History plugin to review access to your website. After 1 or 2 days, review the access information, and possibly block the malicious IP addresses using the Windows Firewall.
  • Install, activate and configure¬†Cerber Security plug-in to automatically detect and block the malicious IP addresses.

 

How to Fix “The parameter is incorrect” Issue When Disabling the Sync Host OneSyncSvc Service

Problem:

The Sync Host OneSyncSvc service was not started correctly and caused error in the Server Manager.

You wanted to disable this service. However you got the “The parameter is incorrect” error message when disabling it.

Solution:
  1. Click on the Search icon, type regedit, press Enter.
  2. Locate the key below
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OneSyncSvc

3.  Change the Start value from 2 to 4 (Disabled).

4. Restart the server.