[wp-hackers] Unable to login to wp-admin

Sherry Myrow teklists at gmail.com
Mon Sep 6 20:55:14 UTC 2010

Thanks Everyone for the advice!

I manually reset my password again and got in.  I'm going to upgrade
my site now.  Wish me luck!!


On Mon, Sep 6, 2010 at 11:48 AM, Lynne Pope <lynne.pope at gmail.com> wrote:
> On Tue, Sep 7, 2010 at 3:06 AM, Sherry Myrow <teklists at gmail.com> wrote:
>> Hi everyone,
>> I think my site, gamerwidow.com, has been hacked.......I'm running WP
>> 2.6.5.  I know I should upgrade but I'm a bit daunted by the task to
>> be honest.  Anyway, I tried logging into wp-admin and although I'm
>> using the correct credentials it says 'invalid username' and will not
>> let me log in.
>> Furthermore, when you do a search on google for "WoW Widows" my site
>> is the very first one listed but the page title says "Viagra Sales"!
>> I've tried searching this problem but the best I've found was to
>> manuallly disable plugins, clear your cache and try again.  I've also
>> tried resetting my password and checking the db to make sure my admin
>> account was still set to my email address -- all to no avail.
>> I need help and would love it if anyone could!  I used to do wp
>> customization for a living but i haven't done it in a couple of years
>>  (which is why i'm afraid to upgrade to 3), I'm most familiar with 2.5.
>  Both your version of phpBB and WordPress 2.6.5 have security issues. To add
> to that, you appear to be using the old Google Analytics JavaScript, for
> which there are known vulnerabilities. I'm afraid that you are going to have
> to do some detective work to find out exactly what the hack is and how it
> got in, then block it as soon as possible.
> If you have a clean backup from before the hacking, I'd recommend you revert
> your site to this backup as soon as possible. The first thing you need to do
> after that is change all your passwords - all of them, including your
> database password and FTP credentials in your server control panel. In order
> of priority, upgrade phpBB first, then the Analytics code, and finally,
> WordPress 2.6.5. In your situation I also recommend you upgrade to WordPress
> 2.9.2 at this stage as there is not much of a learning curve from the
> version you are familiar with. It's also easier to adapt your theme. Once
> you have your site updated and secured you can then take some time to learn
> about the changes that came in with WordPress 3 and plan to bring WordPress
> up to the latest release as soon as you are comfortable with it.
> I also recommend that you get onto Google and search for tips on how to
> secure your WordPress and phpBB sites. Each of them are prime targets for
> hackers so spending a bit of time researching security tips would be very
> worthwhile.
> Good luck on your upgrades.
> Lynne
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list