Posted 1 month ago #
Today one of the blogs I administer was hacked. My password was changed (I don't use the 'admin' userid) and index.php had been replaced. The username record in wp-users was at ID=1.
I put back the correct index.php and deleted the username in wp-users at ID=1. I'm running the latest WordPress version. What else do I need to do to prevent this hack?
Have you contacted your hosting provider? The hack entry point could have been elsewhere on the server.
Posted 1 month ago #
Blog is hosted at BlueHost.com. They don't seem to have an idea, either. Their recommendation was to make sure I was running the latest software, which I am.
Posted 1 month ago #
Did you happen to lose all your posts? Or were those still there? I had a client report sort of the same issue. Their admin login was changed, along with the name of the blog and email address. But, all their posts were lost. I believe an attacker managed to re-run the install.php via a remote POST.
David
You must log in to post.
