Hacked blog? I'm NOT a technical person! (5 posts)

  1. tracyrhb
    Posted 8 years ago #

    As best as I can tell, WordPress as a whole had a problem yesterday; was it hacked? In any event, I or anyone can still read or navigate around my blog, but all of a sudden yesterday afternoon, I lost all access to the admin section. I can't do anything. My password only gets me an error message; my attempt to have a new password set only gets me an error message. The "admin" link in "Meta" is gone. Bluehost hosts my blog, and they said this is a WordPress problem and they can't help. So, two questions: 1) Can anyone help with this problem? 2) Is there a way to talk to anyone at all at WordPress on the phone? I can't find a phone number anywhere.
    Please note that I know nothing about technical issues; it's all I can do to get the posts that I've written up on the blog.
    Thank you.

  2. mrmist
    Forum Janitor
    Posted 8 years ago #

    What error message do you get when you try to log in?
    What is the location of your blog?

  3. tracyrhb
    Posted 8 years ago #

    It says: ERROR: Invalid username

    I'm at http://www.unchartedparent.com

    Thank you.

  4. Clayton James
    Posted 8 years ago #

    The WordPress version you are using desperately needs updating.

    <meta name="generator" content="WordPress 2.1.2" />

    I do however, currently see a login link in your meta. The link only changes to "site admin" once you are logged in. I also see this at the end of the body in your source code.

    <u style="display:none"></u>

    This indicates that something can be hidden, but I did not see anything that was being hidden. This is sometimes used to hide spam links. If you don't know why it is there, it is worth investigating.

    My advice would be that you should assume that something has, or may be in the process of disrupting your site. Contact your host and ask them what you have at your disposal ( I believe Bluehost offers phpMyAdmin), for viewing and changing your database. Also advise them of your suspicions. You must upgrade WordPress. No way around it if you want to reduce future risk. If you have been compromised already, simply upgrading is probably just a band-aid. There is more to it than just upgrading at that point.

    Short of actually enlisting someone at your hosting company to assist you, ( by your admission, you may not be comfortable with what needs to be done ), you have a lot of learning to look forward to. You will need to address possible database intrusion ( as well as learning how to reset your admin information manually so you can regain control of your login ), what to look for in files and folders ( there is unlimited info here, and on search engines relative to WordPress vulnerabilities and their symptoms, past and present, as well as feedback on how to proceed).

    I wish you very good luck, and I would hope that you have been backing up your database regularly. Best wishes,


  5. tracyrhb
    Posted 8 years ago #

    Thank you Cj for the info. I will follow up on all of that. Since I wrote, a friend stepped in and got me back into my blog and updated my version of WordPress, but, as you said, that's probably just a bandaid. There's more work to be done.

    I appreciate your response.

Topic Closed

This topic has been closed to new replies.

About this Topic