Support » Fixing WordPress » Hacked. Showing up in dashboard stats

  • Hi.

    I was hacked a while back and got everything cleared up and protected. I just found one thing that I didn’t get cleaned up and I can’t find out where to change it.

    Here is a link to the image of a part of my dashboard when I’m checking stats:

    http://gal-lori.com/wp-content/uploads/2008/05/hacked.jpg

    As you can see, it says Stats: hacked by [name of hacker]

    Also, when you click on the link to my dashboard following that it goes to some gibberish site that isn’t mine.

    Can you help me with how I find and change the hackers name and the bogus link?

    Thanks.

    Lori G

Viewing 13 replies - 1 through 13 (of 13 total)
  • Michael Torbert

    (@hallsofmontezuma)

    WordPress Virtuoso

    Install WordPress 2.5.1 and the WP-Stats plugin.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    I have 2.5.1 installed and the WP-stats plugin already.

    Check your index.php file and make sure that nothing has been added (usually a script). If your wordpress index file is in the root then also check within the file where the rest of wordpress file exist for another index.php file and make sure that nothing has been added to it as well.

    Have you tried removing the hacked wp-stats plugin and then uploading a clean copy of it?

    My wordpress got hacked, but not by this person. Somehow a script got added to my index.php file. I had to change all my ftp passwords to keep this from happening again.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    removing and installing a clean wp-stats didn’t work.

    My index.php is in the root but there are other index.php files in other folders. Are those the ones you say need to be checked?

    Michael Torbert

    (@hallsofmontezuma)

    WordPress Virtuoso

    I mean delete the files and install a fresh copy of both.
    Delete everything (back up your config file) and reinstall WordPress. Download your plugins fresh. Redownload your theme. Check to make sure there are no extra users in the database.
    Change all of your passwords. This includes your Unix password, MySQL password, WordPress password… everything.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    I’ve finally done ALL of this and it still shows up. Here is the screen shot again since after doing all of that, things aren’t in the same place:

    http://gal-lori.com/wp-content/uploads/2008/06/hacked.jpg

    I have combed through my database and no luck. It doesn’t appear to have any effect on my blog but I would like to get it off of there!

    Does anyone know where in the database the settings are for these, if that is what it is? Originally I did find another re-direct address in a database field, but cannot for the life of me find where this is coming from.

    Thanks again!

    What plugin you’re installing wp-stats or WordPress.com Stats? Note the difference:
    a. wp-stats is a plugin by GamerZ.
    b. and WordPress.com Stats is different plugin for WordPress stats based on WordPress.com stats plugin.

    The pic above is related to WordPress.com Stats, so if you’re installing wp-stats, it’s not going to make any difference, because hacked WordPress.com Stats plugin is still there in your plugins folder.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    Thanks Rok.

    I didn’t know there was a difference. Yes, I have the wordpress.com stats. I think I used to have wp-stats. I’m so confused now!

    Regardless though, I’ve deleted and downloaded new ones from my plugins folder. Shouldn’t that have cleared up the mess?

    Also, any thoughts on the wp-stats plugin as opposed to the wordpress.com one?

    Thanks again!

    Thread Starter lorigreenberg

    (@lorigreenberg)

    Just tried deleting and reinstalling a clean version of wordpress.com stats and same thing. Hmmmm.

    I have this plugin running fine on 3 other blogs.

    Did you removed WordPress.com stats “options” from wp-options table, before installing new files?

    Because, WordPress.com stats plugin stores cache in wp-options table, and it seems, you’ve not removed its entries. That’s why, you’re facing this problem.

    All you’ve to do is, just login into your phpMyAdmin account, select your WordPress db, click on wp-option table.

    Now start browsing to look for the following two entries:

    stats_cache
    stats_options

    Once you find above quoted entires, select the two and click delete.

    Note: 1. Before executing above noted steps, please take a complete backup of your database.
    2. Note down your API key, you’ll need this, when you re-install WordPress.com Stats plugin.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    Thanks again, Rok.

    I sorted my list alphabetically and only found the stats_cache. There was no stats_options. Deleting only the stats_cache didn’t do it.

    The ther stats_ things there were were:

    stats_display
    stats_mostlimit
    stats_url

    When I re-downloaded and reactivate it, it did have my old stats info still too, if that helps any.

    this is just weird.

    Have you tried changing your API key, because WordPress.com stats plugin fetches the data from WordPress.com servers and store into wp-options table.

    You try to get a new key, and re-install stats plugin, after deleting each stats entries from wp-options table. I think, this’ll solve your problem, but you’ll lose your statstics.

    Thread Starter lorigreenberg

    (@lorigreenberg)

    I am using this api key on other blogs and it works fine.

    Still have the same problem.

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Hacked. Showing up in dashboard stats’ is closed to new replies.