Home › Forums › Support Forum › Godaddy plug in error
This topic contains 1 reply, has 2 voices, and was last updated by Anti-Malware Admin 8 years, 12 months ago.
-
AuthorPosts
-
December 29, 2015 at 10:53 am #1344
If anyone can help me with this I would appreciate it.
I ran this on my dedicated server and only came back with one threat (unlike the 338 on my shared server), which is on a godaddy plug in.
The code is as follows:
<?php
/**
* Copyright 2013 Go Daddy Operating Company, LLC. All Rights Reserved.
*/
// Make sure it’s wordpress
if ( !defined( ‘ABSPATH’ ) )
die( ‘Forbidden’ );
/**
* Class GD_System_Plugin_404
* Stop infinite 404 loops
* @version 1.0
* @author Kurt Payne <kpayne@godaddy.com>
*/
class GD_System_Plugin_404 {
/**
* Constructor
*/
public function __construct() {
add_action( ‘wp’, array( $this, ‘stop_infinite_404_loops’ ) );
}
/**
* Some plugins / themes fetch local resources over http. When the resources aren’t there,
* WordPress returns a 404 page, which causes the theme / plugin to fire again and try to
* fetch the same missing resource and creates an infinite 404 loop. This intercedes and
* stops that behavior. Pages that end with .htm and .html will still render correctly.
* @return void
*/
public function stop_infinite_404_loops() {
global $wp_query;
if ( is_404() && isset( $wp_query->query['pagename'] ) && preg_match( ‘/^[^?&=]+\.(css|gif|jpeg|jpg|js|png)(\?|&)?(.*)?$/i’, $wp_query->query['pagename'] ) ) {
status_header( 404 );
switch ( strtolower( pathinfo( $wp_query->query['pagename'], PATHINFO_EXTENSION ) ) ) {
case ‘gif’ :
gd_system_header( ‘Content-type: image/gif’ );
include( GD_SYSTEM_PLUGIN_DIR . ‘/images/404.gif’ );
break;
case ‘jpg’ :
case ‘jpeg’ :
gd_system_header( ‘Content-type: image/jpeg’ );
include( GD_SYSTEM_PLUGIN_DIR . ‘/images/404.jpg’ );
break;
case ‘png’ :
gd_system_header( ‘Content-type: image/png’ );
include( GD_SYSTEM_PLUGIN_DIR . ‘/images/404.png’ );
break;
case ‘css’ :
gd_system_header( ‘Content-type: text/css’ );
echo “\n”;
break;
case ‘js’ :
gd_system_header( ‘Content-type: application/javascript’ );
echo “\n”;
break;
}
add_filter( ‘wp_die_handler’, ‘gd_system_die_handler’, 10, 1 );
wp_die();
}
}
}
The code it does not like is: include( GD_SYSTEM_PLUGIN_DIR . ‘/images/404.gif’ );I also noticed on webmasters google is redirecting my site back to http, when in fact it is https.
If I am not mistaken webmasters had a spot to tell google how to read your domain. www. or no www. if I go to it with www. the https shows up.
on chrome, it stays www. and until you hit a page it does not show https. firefix it goes straight to https no matter what.so should I fix it with the repair button?
December 29, 2015 at 11:58 am #1345That code in the GoDaddy plugin is intentional but also unsafe. They should use passthru not include so that if the images contained PHP code it would not be executed (bad coding on their part).
You can fix that threat or ignore it, it won’t make any noticeable difference on your site and it won’t affect the HTTPS issue you are having.
You should make sure your “home” and “siteurl” values in the wp_options table match up with what you have instructed google to index in your sitemap. Also make sure there are no .htaccess redirects to the site without the HTTPS if you want to use the secure URL.
-
AuthorPosts
You must be logged in to reply to this topic.