Support » Fixing WordPress »

Viewing 7 replies - 1 through 7 (of 7 total)
  • esmi


    Forum Moderator

    I’m not up to date and I have WP3.2.

    Then I’m sorry but that’s probably why you were hacked. See

    Just found today, I’m Hacked by the same MOB – How to prevent, they have got into my cpanel and MSQLdb changed users and passwords. This was on a brand new installation, passwords to cpanel very secure, latest WP version installed 3/10/12 direct to main directory.

    My site still appears stable, but I can’t access the WP Log in – going in via cpanel and viewing the DBase is where I found my user name was changed to ‘’.

    Any help appreciated, this is all new to me.

    Prior hack:
    On 2/10/12 the total site was hit, my Hosting ISP said a number of WP sites got it. They added a new index.php file to re-direct, I found this and deleted it, changed all passwords and still they had deep code that inserted code on each page – ACTION: deleted the WP installation and started again.
    Re-installed WP 3/10/12 – and now as mentioned first up they have gained access to the MSQLdata base. Is it via cpanel or is this just a straight hack into WP?????


    go to phpmyadmin, check the table wp_users.

    I’ve put a new password in the password field. If I remember well, I’ve corrected the email adresses and put blank in user_activation_key.

    Then I asked my user to reset their password. I don’t have many users so that’s fine.

    Once I had access back, I’ve upgraded immediately.

    Well well, ‘I’ve been hacked for the first time in my carreer. Do you recognise the situation? Somebody asks you to make a website. I opt for WP and all goes well for a short time. The other party’s host is a drag. I never can get into the control panel and it works terribly. No rush when the website is up and running since I can do all I want within WP. Then after a while WP grows, but the host doesn’t: no MySQL upgrade, so no upgrade to WP 3.0… So for some time I’m yelling: upgrade your hosting or change host and we’ll get hacked but the host only makes smarttalk and the client doesn’t understand a bit of it all, so we’re still using 2.9.x. And today, tada!, “I can’t login”. No ‘biggie’. Both users were renamed to, so I made a new admin and deleted both users. I can’t find any spam, malware or anything. I checked the site on a few places, nobody sees anything. Luck? Just enough security? Or does the hack do something I haven’t looked at yet?

    If this is all, I will only advice the other party to make a hurry with chaningings hosts. If I’m going to have to look for SQL injections or whatever, I will just delete the whole thing and tell them there is no website when there is no proper hosting.

    I’ve been hacked several times, even with a wordpress up to date. You can find some youtube videos about It seems to use brute force to crack passwords.
    I’ve changed my passwords to more complex ones but it doesn’t do a thing.

    To me, the breach must come from plugins or themes. I recently changed my theme. FYI I was using gamezine theme.
    I’ll let you know if I’m hacked again. It usually happens every 2 months!

    Moderator Mark Ratledge


    Forum Moderator

    @jeje68630 said:

    I’ll let you know if I’m hacked again. It usually happens every 2 months!

    If you’re getting hacked every two months, you’re not doing a complete job of cleaning your site or finding a good web host.

    Work your way through these resources and follow all instructions to completely clean your site or you may be hacked again. See FAQ: My site was hacked « WordPress Codex and How to completely clean your hacked wordpress installation and How to find a backdoor in a hacked WordPress and Hardening WordPress « WordPress Codex.

    Change all passwords. Scan your own PC. Use before and after.

    Tell your web host you got hacked; and consider changing to a more secure host: Recommended WordPress Web Hosting

    If you can’t do the work yourself, consider looking for a reputable person to fix it correctly on or freelancing sites such as Elance. (It’s not a good idea to respond to unsolicited emails from forum users offering to work for you.)

    Try using BPS Security Plugin, I found it gave me security and has stopped hacks.

    NOTE: it is essential to change some folder file permissions, use Cpanel or FTP to enact.

    Hackers gain access via these folder permission weaknesses.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘’ is closed to new replies.