Andrew Nevins
(@anevins)
WCLDN 2018 Contributor | Volunteer support
You have been hacked. Soon they will load their own index.phph file and your site is no longer available.
They gained access to your admin files and set their own username and email in your DB files. Use PHP_Myadmin and check the ‘users’ there you’ll find they have invaded into your dbase.
It is essential to have ‘strong’ passwords and a WordPress security plugin running, also essential to change some file permissions – See BPS security Plugin.
A similar hack happened to a new site I had created last year, it required a total re-build (as I had not backed it up!!). Although you can find where they infiltrate via username & perhaps all looks OK, you do not know if they have hidden a file somewhere???
Hope this helps
Ok guys… I need precise directions to follow and block them…
When you say:
Use PHP_Myadmin and check the ‘users’ there you’ll find they have invaded into your dbase.
Does this means that I can erase their action there and fix this issue?
I’ve activated the “Better WP Security” and it seems to be working great, but I still can erase the sec-w username…
What should I do?
You access your ISP host and the Cpanel for your site.
There you will find the admin options for the ‘Database’
– Use the phpMyAdmin option
– Once open, usually on the left hand side, select your dbase ‘ ……_wrdp_1’
– All the dbase folders now show
– Select ‘wp_users’, once open it will show the records, edit the hacked user then save.
Best I can offer, it is a fairly self intuitive operation. Just found this search result :http://support.godaddy.com/help/article/5942/using-phpmyadmin-to-manage-mysql-databases
GREAT!!! Thank you!!!
I just did it… it worked at least for erasing the sec-w username… let’s hope this and the previous action to protect my website will be enough…
I guess I can say for now that is a solved issue…