wordpress

guldam
(@guldam)

11 years, 7 months ago

This morning I went to my wordpress site, to do an update, and my user account didn’t work. Logged in as another user, and was able to see that my normal user account was missing the username.

Inside of the edit user setting was the input field for the user name with this inside of it: <adminnicename>

Then inside of a dropdown labeled Contact was a bit of script that looked like it was putting the admin name into a <tr> tag.

I’ve reset my user passwords, changed Authentication Unique Keys, and have attempted to change database passwords. So far that is failing. I have opened a ticket with the hosting company.

Any ideas what has happened? Hacked?

Is there such a thing as an admin nice name?

GulDam

Viewing 9 replies - 1 through 9 (of 9 total)

Krishna
(@1nexus)

11 years, 7 months ago

Can you post your site URL?

Henry Perkins
(@htperkins)

11 years, 7 months ago

The “nice name” is what appears to people as the “Author Name” when you publish posts. The username is what you use to login to your WP-Admin dashboard.

I would suggest disabling any plugins you have, and then troubleshooting from there.

If you have access to phpMyAdmin or the MySQL database through other means, you can fix your user permissions in the wp_usermeta table if you are unable to do so through the WP-Admin.

In the wp_usermeta change the wp_capabilities row to:
a:1:{s:13:"administrator";s:1:"1";}
..for the appropriate user (you).

Thread Starter guldam
(@guldam)

11 years, 7 months ago

ok, I got hacked. They killed off the stylesheet:

hacked by Hmei7<?php exit;?>

Still trying to fix this mess. Don’t think I have a back up of the stylesheet.

TheReviewGuys.com

Henry Perkins
(@htperkins)

11 years, 7 months ago

Usually being hacked is the result of having poorly coded plugins installed or an unsafe hosting environment (or a combination of both).

A reverse DNS lookup shows totalchoicehosting.com as your provider. Perhaps contacting them and reviewing your access logs will reveal where the “hacking” started.

Chris Olbekson
(@c3mdigital)

11 years, 7 months ago

Please read http://codex.wordpress.org/FAQ_My_site_was_hacked , and stop trying to patch up your hacked site. Reinstall or restore your backups. And read http://codex.wordpress.org/Hardening_WordPress

Thread Starter guldam
(@guldam)

11 years, 7 months ago

Thank you folks. I am talking to totalchoicehosting, and trying to get to the bottom of this. In the meantime, I’m changing all passwords, hardening my wordpress sites, all dozen of them. (yipes!)

Thread Starter guldam
(@guldam)

11 years, 7 months ago

I have a feeling that my site was initially hacked back in May. My regular backups stopped at this point for some reason, and I did not notice the lack of backups being sent to me. I will end up losing an enormous number of postings.

I am not a happy camper at this point.

Thread Starter guldam
(@guldam)

11 years, 7 months ago

.htaccess file has this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Has this been hacked? or is it correct?

esmi
(@esmi)

11 years, 7 months ago

That file is correct.

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘wordpress’ is closed to new replies.

wordpress

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics