asked on

Website hacked and user keeps reappearing

Hi Guys, i have a website and it got hacked. i have since hardened it up with a few different plugins, however i cant delete a user from Wordpress, it has admin roles, i have also tried deleting the user from phpmyadmin, i then notice that it reappears every few mins.

Any idea what to do?

arnold

Check cron service start scripts,
Check all admin users, change password.
Limit admin accesss in Wordpress to ...

You are not providing much to go on.
Check cgi-bin to make sure .....

Jonathan Duane

ASKER

Ok, how can i check cron service start scripts?

I have checked all admin users, i have it down to one, i have deleted original "admin account" and created a new one

can i limit wordpress to just one login? where will i check cgi-bin?

Jonathan Duane

ASKER

here is the wp_users table, everytime i try and delete the wordcamp one it will just reappear.

I have checked all cron jobs and nothing seems to be out of order
wp-users.PNG

SOLUTION

gr8gonzo

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

ASKER CERTIFIED SOLUTION

gr8gonzo

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

David Favor

Cleansing a site of hacks can be a long process... requiring many steps...

For example, if there's an old version of PHP running which is hackable... or FTP is running which is hackable... or WordPress is running using HTTP rather than HTTPS which is hackable...

All entry points must be closed before starting with WordPress.

As a first step, provide a clickable URL of your site.

gr8gonzo

Any updates?

gr8gonzo

The question was closed as answered - does that mean the problem is solved? I'm always curious to know the resolution.