Title: WordPress hack
Last modified: April 26, 2020

---

# WordPress hack

 *  [chucky2020](https://wordpress.org/support/users/chucky2020/)
 * (@chucky2020)
 * [6 years, 2 months ago](https://wordpress.org/support/topic/wordpress-hack-2/)
 * Hi. I don’t know if you can help me out. I provide data to see if you can tell
   me where you think the security hole is, since the content itself can be recovered
   but I want to prevent it from happening again. It was a new website … it was 
   less than a month old and therefore visits were nil. The software was logically
   updated.
 * THEME ACTIVATED: GENERATEPRESS. There were others installed but not active: those
   that are by default in WordPress.
 * ACTIVE PLUGINS: lightbox, classic editor, cookie bar, wp-useronline. Disabled
   are Askimet and file-manager-advanced (THIS LAST ONE HACKER HAS MADE IT!).
 * OTHER DATA:
 * – I cannot access my Admin user (password changed). I see in MySQL that the mail
   follows mine.
    – New folders and files have been generated (a sitemap folder 
   with URL pointing to my site but nonexistent type mydomain.com/spWKLxkkkwe SO
   thousands. – A PHP file in the root called «n.php» that shows all the files that
   are uploaded and also allows uploading files to the site. – In Google Search 
   Console the hacker became the owner, since he was able to link my site with Google
   by entering an HTML code. I imagine it will be to see the statistics of the site?
   And I also write down the thousands of URLs of the sitemap. – The attacker is:
   Fifhter Anas Shell – Royal Battler BD
 * Regards

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/)
 * (@sterndata)
 * Volunteer Forum Moderator
 * [6 years, 2 months ago](https://wordpress.org/support/topic/wordpress-hack-2/#post-12734505)
 * Get a fresh cup of coffee, take a deep breath and carefully follow [this guide](https://wordpress.org/support/article/faq-my-site-was-hacked/).
   When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://wordpress.org/support/article/hardening-wordpress/).
 * If you’re unable to clean your site(s) successfully, there are reputable organizations
   that can clean your sites for you. Sucuri and Wordfence are a couple.
 *  Thread Starter [chucky2020](https://wordpress.org/support/users/chucky2020/)
 * (@chucky2020)
 * [6 years, 2 months ago](https://wordpress.org/support/topic/wordpress-hack-2/#post-12735021)
 * Thanks 🙂

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘WordPress hack’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 2 participants
 * Last reply from: [chucky2020](https://wordpress.org/support/users/chucky2020/)
 * Last activity: [6 years, 2 months ago](https://wordpress.org/support/topic/wordpress-hack-2/#post-12735021)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics