• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Solutions
    • Web Design & Development
    • Digital Marketing Services
    • Content Creation & Media Development
    • WordPress Maintenance Plans
    • Custom Privacy Policies
  • FAQ
    • Web Design FAQ
    • Digital Marketing FAQ
    • Content Marketing FAQ
    • Social Media FAQ
  • Portfolio
  • About
  • Articles
  • Podcast
  • Contact

Trinity Web Media

The Digital Marketing & WordPress Development Experts

WordPress Admin Hack

April 17, 2019 by Kevin Eberle

WordPress Admin Hack

There has been a lot published recently about a new WordPress admin hack. This WordPress hack is where unknown users show up in your WordPress dashboard as administrators. Needless to say how dangerous and detrimental this is to your site, let alone product, service, and brand.

WordPress Secuirty

Stopping The WordPress Admin Hack

When faced with this hack here are some steps the Trinity Web Media’s WordPress Development team take to eliminate and mitigate the risk.

(Perform all steps if you suspect your site has been compromised or vulnerable to attacks of any type including this WordPress admin attack.)

1. Update all themes and plugins
2. Change all WordPress passwords (Please never use the username: admin or the password: password or password123)
3. From your site’s cPanel change all FTP passwords
4. While in cPanel change the database username password associated with the site. This is done from mySQL in the cPanel. If you are not sure which username is used open up your wp-config file and it will be listed. Also, keep the wp-config file open and replace the database password with the newly created password. This MUST be done or your WordPress site will throw an error.
5. From the WordPress dashboard go to Settings > General and make sure the membership box is unchecked.

WordPress Settings
6. Look within your site’s root directory on your hosting server for any .php or .exe miscellaneous files that are out of the norm. If discovered, delete at once.

Once all the steps are completed, we recommend performing a site check with Sucuri Sitecheck. This final step will ensure that your site is free of malware and no damage was done to the site.

Yes, this seems like a lot, but once your site is locked down and secure you have peace of mind that your site is free from this attack and service will remain as normal.

If you have any questions, or feel like these instructions are too technical for you, please feel free to contact us to help.

Filed Under: WordPress

What our clients say…

Jay Baer

If you need to take your web/digital program to the next level, these are the guys to see. Fast, honest, innovative and totally on top of it. Highly recommended! • Jay Baer – NY Times Best-selling Author, Founder/President – Convince and Convert

What our clients say…

While I’ve known Greg for years from our time together in the marketing scene, I’ve only recently had the chance to work with Trinity Web Media on a client project. Not only was the team professional and their work spot on, they were amazingly quick to respond and required very little hand-holding along the way. I chalk that up to their past experience and a deep understanding of best-in-class services.

What our clients say…

I have hired Greg and the Trinity team multiple times for work on my own websites, and have also hired them to work on behalf of multiple clients. He is simply a pleasure to work with, in every respect. Smart but without the giant ego of some developers, Trinity Web Media works with his clients to achieve their vision in the best way possible — with careful attention to their interests, and thoughtful recommendations based on his expertise. • Susan Baier – Founding Marketing Strategist – Audience Audit

Primary Sidebar

Topics

  • Behind The Scenes
  • Business Insight
  • Digital Marketing 101
  • Marketing Tools
  • Press Releases
  • Social Media
  • The New Marketing Show
  • Trinity Cares
  • Trinity Web Minute
  • Uncategorized
  • WordPress

Footer

Need Help?

Talk to us.

Trinity Web Media is located in Hunterdon County, NJ and all projects are proudly built with US talent.
_
About Us
Services
Contact Us

In the heart of Sergeantsville, NJ our team works on the second floor of a historic building.
_
635 Rosemont Ringoes Road
Stockton, NJ 08559

Feel free to contact us via email or the old fashioned way. We know sometimes it’s nice to talk to a real person.
_
t: +1 (908) 917-5001

© 2025 · Trinity Web Media • New Jersey Web Design by Trinity Web Media • Privacy Policy