• Home
  • About Mitch
  • Speaking
  • Articles
  • Contact
  • Home
  • About Mitch
  • Speaking
  • Articles
  • Contact

Digital Strategist

WordPress Developer

Content Creator

Unapologetic Punk

Mitch Canter

  • X
  • Bluesky
  • GitHub
  • Twitch
  • YouTube
  • LinkedIn
WordPress

Latest WordPress Hack – Check your Permalinks, People!

CMDR Mitchcraft

Reading time: 2 minutes

I’ll type this without the normal pleasantries to make sure this gets out quickly.

There’s a WordPress hacker on the loose, and he’s pretty sneaky – he creates a user unseeable to the naked eye (except for the one extra user in the administrator users menu) and masks himself to you, making it easy for him to sneak in and out of the site and do stuff (like change your permalinks) without you knowing.

If your permalinks have some funky stuff going on, like this:

/wordpress %&evalbase64_decode_SERVERHTTP_REFERER.+&%/

then you’ve been hacked. 

Head into your WordPress backend and click on “users” – there are ways to sort the users by their user role, so click on Administrator.  You’re going to compare the number of administrators to the number next to the administrator tab.

If the two match, you’re OK.

If you see 3 grid lines, but the tab says Administrator (4), then you’ve got a hacker in your database.

Click on “View Source” and search the page for “user-1”.  If you’re the only administrator, you’re looking for this code:

<div id=”user_superuser”>

This person is the hacker, and there’s a way to find him and delete him.

Your administrator account is user-1, so find a user around that code that’s not that one and nearby you’ll find a code:

user-edit.php?user_id=NNN

NNN is the user-id.  I know these are vague, but without another account to screenshot, it’s hard to explain.

Replace the URL (http://youriste.com/wp-admin/whatever with http://youriste.com/wp-admin/user-edit.php?user_id=NNN and hit enter.

Enter a fake email address for the spammer, demote him to “Subscriber” and change his password.

Once that’s done, view all users and delete him.

And that’s how to get rid of him.

Better instructions are here:

http://blog.nachotech.com/?p=125

  • WordPress: A Future of Many Flavors?

    WordPress: A Future of Many Flavors?

    Reading time: 6 minutes

    If you’ve been following along in the WordPress space lately, you’ll know that there’s a lot of discussion around WordPress – not of code, nor of content, but of how the software itself is managed. To put it simply, there are three parties involved: Matt Mullenweg, who the founder of both the WordPress Foundation and…

    Open Source, WordPress
  • Be a Uniter, Not a Divider

    Be a Uniter, Not a Divider

    Reading time: 2 minutes

    *I work in WordPress for my day job, but a reminder that my posts and thoughts are my own.* A word of advice to anyone in management – whether it’s a C-suite, mid-level manager, or even someone who just has people under them that see them as a mentor. Be someone who unites, not someone…

    WordPress