Support » Fixing WordPress » My wordpress admin user automatically changed!! My website is hacked??

Viewing 4 replies - 1 through 4 (of 4 total)
  • esmi


    Forum Moderator


    The same happened to a website I’m working on. The admin username which was “guru” was changed to “gawadooo”. I had installed WordPress 3 days back.

    The install was a new one. No customization had been done to the code. Only two plugins were installed

    i)ThemeFuse Maintenance Mode and
    ii) BulletProof Security

    The username has been changed and I know this for sure. I have the confirmation mail which was sent when the WordPress was setup and now the mail when I clicked on “lost password”. The username is different one in both the emails. I’m perplexed and curious to know what is happening with the site.

    @esmi thank you for the suggestions.

    @ahamedibrahim87 how did you fix the issue. Since it has been 2 weeks since you reported it is the website in question working now or were there more instances of the admin username being changed.

    I’m going to clean the server and do a fresh install.

    Will update if there are more issues.

    Actually I couldn’t find the reason behind this issue..

    I am more suspicious about CODE GUARD.. which is third party server providing a platform for having a backup of our website files and DATABASE

    Check my website

    In doing so, they asked me to give the details of FTP and MYSQL Username and Password.

    I think, some automated hacking system doing such nonsense in my site..

    fortunately I had OLD DB files and website files..

    I replaced all the FTP files and delete username TABLE IN DB and update that part alone with the OLD DB..


    Hope this will give some brief idea to your problem also…

    @ahamedibrahim87 thank you for the feedback.

    In your case Code Guard may be the issue as you have provided the server details. What is driving me nuts is that by default WordPress does not allow you to change the username but here is a case where the username has been changed! Further in case of such changes an email notification is sent to the administrator and I received nothing. Was this the case with you as well? If it was, then it means that the changes were done via the MYSQL interface and WordPress was not involved in the process (please let me know if I’m wrong somewhere).

    In my case I realized that there was a demo site hosted in a sub directory of my server which was built in WordPress. Since the site was built 6 months back and no updates were made (including WordPress updates and theme updates) the server became vulnerable to attacks.

    The lesson I have learnt from your experience is to be very careful when giving out server details to anyone.

    However, I hope there are no more reports of something like this happening with other WordPress developers.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘My wordpress admin user automatically changed!! My website is hacked??’ is closed to new replies.