wordpress url changed administrator worm hidden admin user
If you can read this then my links are back up and working after a worm attack on this wordpress blog. Readers aren’t affected !!
Not much to do with Italian Property but for all you bloggers out there using WordPress you may have noticed a change in the url that your blog site serves. This means all your traffic from your incoming links from the likes of Google will serve a 404 page not found error. Now maybe you have a nice 404.html page redirecting traffic but better to get to the bottom of the problem.
If you didn’t know there is a worm doing the rounds on the net and its entered into WordPress. It basically genereates itself as a admin user in the backend of your wordpress users. Have a look at your users…if you have 1 more admin user (and its hidden) than you should then your wordpress backend blog is under attack.
Here is the solution to eliminate the hidden admin worm user, once deleted make sure you do a back up of your blog and then upgrade to V2.8.4 which has a fix for these worms.
View a users profile
In the url in the browser there is an id number for the user.
Change this id number to the number of users in your blog… view this user….is the user an bogus admin user ? If not increment the id by 1 to find the latest hidden admin user…keep doing this till you find the hidden super admin user.
Once you have found the hidden “admin” user then you will see his first name has some script in it. Delete this script. Change the users status from admin to subscriber (remember his username…mine was “TreyMcKinney89″)…update this user…then go back to user admin section and delete that super admin user (well now a subscriber). UPgrade wordpress immediately before he returns.
PS you may also have to go into permalinks and change back the mode in which your urls were served otherwise incoming traffic will still get a 404 error….google your blog and check your incoming links work.
Hope that helps …if not there is some further reading here:
http://wordpress.org/development/2009/09/keep-wordpress-secure/
thanks for your sharing
thanks for your sharing
You were prescient with adding video to WP back in 06-07. I’ve come late to the party but things are still evolving and many people are still waiting to jump in. Plus there are so many more hosting platforms to use now.