"Warning : Cannot modify header information..." on Certain Pages

Hello everyone! I am a new user to Bricks, and built my first website about a month ago. Prior to the latest security update (Bricks 1.9.6.1.) it was running great. However, I just checked on it today and am getting the following text on top my website login page:

Warning : Cannot modify header information - headers already sent by (output started at /home/customer/www/minifigsinspace.com/public_html/index.php:1) in**/home/customer/www/minifigsinspace.com/public_html/wp-includes/functions.php** on line7049

MIS Warning Message Error2560×1475 225 KB

I attempted to log in, and it shows a white screen with the same text I posted above.

In case it’s helpful, here’s a link to my website: https://minifigsinspace.com/

For context, I do not know any coding. I am at a lost of what to do. I don’t know if this is a bug or not with the latest update, but I want to assume first that it’s a “me” issue before reporting as one, if that makes sense. Any help will be greatly appreciated.

I think I had read that it’s one of the errors you will find when it’s been hacked, so my suspicion is your site was compromised before you updated to 1.9.6.1, unfortunately and activated soon after. You’ll want to look at this page the Bricks team published: Steps to identify and repair a compromised Bricks site – Bricks Academy

On the chance it’s similar but not hacked, then there may be these articles that can help:

• How to Fix the "Cannot Modify Header Information - Headers Already Sent By" Error
• How to Fix the “Cannot Modify Header Information – Headers Already Sent By” Error - MalCare

You may also want to check the last modified date of your index.php and functions.php file in WordPress, I suspect you’ll find the dates modified was very recent.

Thank you very much! Your suspicion is correct. I discovered a new account with the “administrator” role. I have deleted the new admin account, and am currently exploring what other measures to take.

Thanks again!