WordPress.org

Ready to get started?Download WordPress

Forums

wordpress (10 posts)

  1. guldam
    Member
    Posted 1 year ago #

    This morning I went to my wordpress site, to do an update, and my user account didn't work. Logged in as another user, and was able to see that my normal user account was missing the username.

    Inside of the edit user setting was the input field for the user name with this inside of it: <adminnicename>

    Then inside of a dropdown labeled Contact was a bit of script that looked like it was putting the admin name into a <tr> tag.

    I've reset my user passwords, changed Authentication Unique Keys, and have attempted to change database passwords. So far that is failing. I have opened a ticket with the hosting company.

    Any ideas what has happened? Hacked?

    Is there such a thing as an admin nice name?

    GulDam

  2. Krishna
    Volunteer Moderator
    Posted 1 year ago #

    Can you post your site URL?

  3. Henry Perkins
    Member
    Posted 1 year ago #

    The "nice name" is what appears to people as the "Author Name" when you publish posts. The username is what you use to login to your WP-Admin dashboard.

    I would suggest disabling any plugins you have, and then troubleshooting from there.

    If you have access to phpMyAdmin or the MySQL database through other means, you can fix your user permissions in the wp_usermeta table if you are unable to do so through the WP-Admin.

    In the wp_usermeta change the wp_capabilities row to:
    a:1:{s:13:"administrator";s:1:"1";}
    ..for the appropriate user (you).

  4. guldam
    Member
    Posted 1 year ago #

    ok, I got hacked. They killed off the stylesheet:

    hacked by Hmei7<?php exit;?>

    Still trying to fix this mess. Don't think I have a back up of the stylesheet.

    TheReviewGuys.com

  5. Henry Perkins
    Member
    Posted 1 year ago #

    Usually being hacked is the result of having poorly coded plugins installed or an unsafe hosting environment (or a combination of both).

    A reverse DNS lookup shows totalchoicehosting.com as your provider. Perhaps contacting them and reviewing your access logs will reveal where the "hacking" started.

  6. Please read http://codex.wordpress.org/FAQ_My_site_was_hacked , and stop trying to patch up your hacked site. Reinstall or restore your backups. And read http://codex.wordpress.org/Hardening_WordPress

  7. guldam
    Member
    Posted 1 year ago #

    Thank you folks. I am talking to totalchoicehosting, and trying to get to the bottom of this. In the meantime, I'm changing all passwords, hardening my wordpress sites, all dozen of them. (yipes!)

  8. guldam
    Member
    Posted 1 year ago #

    I have a feeling that my site was initially hacked back in May. My regular backups stopped at this point for some reason, and I did not notice the lack of backups being sent to me. I will end up losing an enormous number of postings.

    I am not a happy camper at this point.

  9. guldam
    Member
    Posted 1 year ago #

    .htaccess file has this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    Has this been hacked? or is it correct?

  10. esmi
    Forum Moderator
    Posted 1 year ago #

    That file is correct.

Topic Closed

This topic has been closed to new replies.

About this Topic