Support » Plugins » Locking down the dashboard

  • I received a Email from Bluehost Inc.

    But I’m not able to understand the Email. Please, help me!!!


    * My Email :

    Hello Bluehost Inc!!!

    I’ve appreciated your good service for two years.

    But now I found that my two accounts( 3.4.1 and 3.7.1) had serious problems.

    Please correct some mistakes you made.


    I’ve used the anti-hack WordPress plugin ‘Hack me if you can’.

    When I tried to enter the admin page (, the URL was turned into another URL (

    The URL ‘’ returned a(not the) home page with grotesque outline.

    I can’t enter the admin page.

    Exactly speaking, it was a kind of disabled home page. The slide show was disappeared into darkness.

    A glance at the my true home page( is sufficient to know why I convince ‘Bluehost’ was hacked.

    I attach two capured image which can be the evidence of this hacking issue. Please compare the two URLs in the images.


    On April 26th I installed ‘WordPress 3.7.1’ and theme ‘Twenty Thirteen’ in account ‘’.

    Now ‘WordPress 3.7.1’ becomes ‘WordPress 3.7.3’. Auto Upgrade.

    I ordered ‘UpdraftPlus’ in the initial stage of purchase. I believe the ‘UpdraftPlus’ can prove why I call the upgrade ‘Auto Upgrade'(pseudo AI Upgrade).

    In addition to ‘Auto Upgrade’, I found some suspicious points. But I can’t pinpoint with conclusive proof.

    * Answer of Bluehost(excerpt) :

    1. Excerpt 1

    As to the first site, the issue could be due to the plugin you installed as the nature of those kinds of plugins includes locking down the dashboard to make it harder to hack into.

    2. Excerpt 2

    As to WordPress 3.7+ has a feature called “auto upgrade” that you can disable in the dashboard.

    3. Excerpt 3

    To assist you further with these sites, we will need you to provide the last 4 of the cPanel password for BOTH of the separate accounts.

    * P.S.

  • The topic ‘Locking down the dashboard’ is closed to new replies.