Aug
8
Daniel Curran on August 8th, 2009
Here is a little surprise I received upon returning from vacation. I was editing a blog and when I went to save the post an error popped up reading:
- The server (our server domain, e.g. DOMAIN.COM) at Magic requires a username and password.
Well isn’t that special?
The problem is caused by the vars.php file located in the WP-INCLUDES folder. Someone did a SQL Injection (Read More Here) and added code to the file.
The fix is an easy one – 2 steps:
- Download a new version of the vars.php file from WordPress and replace the corrupted one. Look here – Simply choose your WordPress version
- Update WordPress to the latest version!
Normally, the files starts:
<?php /** * Creates common globals for the rest of WordPress * * Sets $pagenow global which is the current page. Checks * for the browser to set which one is currently being used. * * Detects which user environment WordPress is being used on. * Only attempts to check for Apache and IIS. Two web servers * with known permalink capability. * * @package WordPress */
But after it has been “hacked” there is encrypted text reading something like:
eval(base64_decode("JGxsbD0wO2V2YWwoYmFzZT....
So once again, Look here – Simply choose your WordPress version, go to WP-INLUDES, download Vars.php and replace the one on your server. Then update WordPress for better security.

(8 votes, average: 5.25 out of 6)










































October 5th, 2009 at 3:59 pm
Thanks so much, at last a place where things are explained clearly. I fixed the problem in 10 secs.
October 11th, 2009 at 4:20 pm
thanks so much!!! great tutorial, saved my life
October 11th, 2009 at 8:22 pm
You should have the Nobel Peace Price
October 17th, 2009 at 2:53 pm
thank you SOOO much! you really helped me a TON!!
October 17th, 2009 at 11:31 pm
This was GREAT! Newbie to WordPress and this was just what the doctor ordered. many thanks.
October 18th, 2009 at 6:04 pm
This is what being a great citizen in the internet is.. Having an issue solving it and letting other people know in case they get into the same circumstance.
Many Thanks
November 4th, 2009 at 4:30 pm
Thank you for this bug fixing.
in Turkish: Ellerin dert görmesin : )
December 26th, 2009 at 1:15 pm
thanks you good education
July 6th, 2010 at 2:51 pm
Thanks so much. I kill the problem!