Unwanted Admin User

  • I’ve been hacked and the user created an account with an email carrier I never use ‘yahoo’.

    I was able to restore my site, and remove the user from my php admin, also changed the password to my ftp.

    Problem is I cannot remove the user from my dashboard – I try the delete key and nothing, any suggestions? While the hacker cannot re-enter the site I’d still like to remove the user acct they created.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    You said you removed the user via phpmyadmin — how did you do that? If you started removing the user from outside WP, you may have to remove more things than just one line in wp_users.

    Look in wp_usermeta and look for rows which point to a user id that no longer exists in wp_users and delete those rows.

    MAKE A BACKUP FIRST!

    Thread Starter Twatson09

    (@twatson09)

    Steve,
    thanks I’m all over the php admin and each time I delete a row that holds anything including this users info it pops right back up! I think they are using a plugin or automated thing something?
    User ID’s pop up like popcorn eachtime I delete him. And when I change the role to ‘none’ it pops back up as ‘administrator’ –

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Then you’re still hacked.

    Take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Unwanted Admin User’ is closed to new replies.