WordPress Hacked: Can’t log in – How to Get Back Into the WordPress Admin
WordPress hacked and can’t log in? You are at the right place; we are going to see the complete guide on how to get back into the WordPress admin panel when your website is hacked and you can’t get into the admin panel. There are many ways you can get back into the WordPress admin and use the website as it was.
We will see the complete tutorial that you can follow to get back the admin panel. Further, we will see the method to clean your WordPress website and protect it from the attackers.
Some common fixes
First, we will see some of the most common fixes that you can use and it can solve the problem. Sometimes, your website isn’t hacked but you are just facing some small problems due to which you are unable to log in to the system. So, you can use the most common fixes given here that will work for some of the people.
- Clear your computer cache and cookies. You can try incognito mode to check or you can simply clear the history/cache/cookies and try logging in again.
- The next method will be to update your .htaccess file. You can head over to the file manager or FTP and look for the .htaccess file. If you are using the file manager, you can go to settings and click on “Show hidden files”. It will now show the hidden files, where you can see the .htaccess file. Take a backup of that file and then delete it. Try logging into your WordPress panel again. If you succeed, you can simply go to Settings > Permalinks and just click the save button without making any changes. It will regenerate the .htaccess file. However, if you don’t succeed, make sure you restore the original file.
- Hit the forgot password button and get your password. If your WordPress is hacked, you won’t be able to do it. Also, it could be because the hosting provider has disabled wp_mail() function. Also, sometimes when your website is compromised, your email address is changed. So, you need to get it back.
Now, if none of these work, the rest of the guide is for you.
Restore from the backup
The first and the easiest thing you can do to get the admin access back is to restore your website from the most recent backup. This would work perfectly well if your website hasn’t been updated since the last automatic or manual backup. That’s the primary reason you should take regular backups of your website.
If you already have a backup, you can simply restore the backup. It will roll back all the changes you made after the backup. So, make sure that you haven’t made any big changes.
However, if you don’t have the backup of the latest version of the website, you can carry on with one of the below-given methods. All the other methods will help you to fix WordPress’s hacked website and you can then log in to admin easily. We have a couple of methods from which you can try one.
If you succeed in restoring the backup, make sure you scan the website for the vulnerabilities. You can head over to the last section of this guide.
Softaculous password change
Most of the people have installed WordPress using Softaculous. It is a site software that comes inside of cPanel. It is a widely popular tool that everyone is using. If you installed WordPress using Softaculous, you can easily reset it. Softaculous makes it extremely easy for you to reset the password.
Even if the attacker has changed the email address of the admin panel, you can still reset it. All you need to do is open your cPanel account and head over to the Softaculous option. When you open it, you will see the site scripts. What you need to do is look at the top bar. There will be various options there. You will need to head over to the first option, which is “All installations”. When you go to the All installations tab, you will see all the WordPress and other website installations. Now, you will have to find the website that is hacked. Beside it, you will see the edit option. It’s usually the one with a pen or pencil icon. You can click on it and it will take you to a new page.
In the new page, you can change all the details of your WordPress installation. Here, you will have to change the password and the email address of the admin. You can also try changing the username. Once you do it, try to log in again. If you don’t succeed, you can proceed to the next step. Many times, this method doesn’t work, so there is nothing to worry about, we will see the new method using which you can do the same thing.
Change email using PhpMyAdmin
Now, let’s see another method where we will change the email address from the database. It helps you to reset the email address and then you can click on the forgot password to get the password in your respective email address.
First of all, you will need to open your cPanel. From there, you need to head over to PhpMyAdmin. In the same way, if your hosting provider doesn’t provide cPanel, you can open PhpMyAdmin from your respective panel. Once you are there, you will have to open your WordPress database. If you don’t know which one is your WordPress database, you can go to Softaculous and see the name of the database.
You will have to back up your database before you make the changes. Once you are there in the database, you will have to click on the export button at the top bar. If you don’t see it, you can click on the More button and then go to export. It will then ask you to select an extension. You can select SQL and hit the export button.
Now, you can find the users table. Usually, it is the table with the name wp_users. When you see the usernames in one of the columns, click on the edit button on the respective row.
From there, you will have to find the email field and change the email address to your working one. Now, you can click on the GO button. If it shows a success message, you are good to go.
Now, you can head back to yourdomain.com/wp-admin and click on forgot password. It will send an email to the email you entered.
Change password with PhpMyAdmin
Now, we will see the procedure to change the password with PhpMyAdmin. Just like we changed the email address, we can also change the password using PhpMyAdmin. It is highly recommended that you read the previous section of changing email addresses with PhpMyAdmin as we are going to do some of the same procedures here. Therefore, it would be easier for you to do the process if you read the above section.
You will first have to backup your database just like we did in the previous section. Now, you can head over to the WordPress database and open the wp_users table.
Inside it, you will have to find the row with your username. If you can’t find one, you can select any row with the admin username and click on the edit button.
Inside it, you will head over to the password row. It will be the field with the name user_pass. You will see some huge text written over there. Now, you will have to first select “MD5” from the functions column. It will be in the dropdown. Once you select it, you can type the new password in the “Value” field. Click on the “Go” button and you have successfully changed the password of the admin user.
You can then log in to your WordPress panel with the new password and make the necessary changes. Make sure you remove all the extra users from there. You can also scan the website for malware and viruses. We will see more about it later on.
Before that, we will cover one more problem that many people are facing.
Change user from subscribers to admin
Sometimes, you will succeed in changing the password. However, you won’t have admin access to the WordPress website. You would only be using WordPress as a subscriber. So, your next job will be to change the user to admin. This section will guide you in doing the same thing easily.
You will have to first open your database and open the wp_users table. You will see the username in one of the columns. See the “ID” of the username whom you want to make an admin.
For example, if your username is “mike”, you will have to see the user ID of mike. Let’s say it is 12; you will have to note it down or you can simply copy it.
Now, you will have to go to the wp_usermeta table. Inside it, you will see the “user_id” column. Find the row with the ID that you found above (in our case, we had 12, so we will look for the row which has “user_id” 12). Hit the edit button and set the meta_key to wp_capabilities from the drop-down menu. In the meta_value field, you will have to paste the below-given code.
Click on the “Go” button and you are good to go. You have now successfully changed the user status from subscriber to administrator. You can now log in and access the admin panel.
If you don’t want to do all of these, you can also change the password of all the users and try each of them one by one. It works smoothly if you have few users.
For instance, if you just have 3 users, it would be easier to change the password of all the three users and see who is the admin of the website rather than doing this thing.
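As an added example (not code from the original guide), the Python below builds and parses the PHP-serialized role value that WordPress keeps in the wp_capabilities row, and lists administrator accounts you did not expect, so you can remove extra users after regaining access. For an administrator the standard stored value is a:1:{s:13:"administrator";b:1;}. The wp_ table prefix, the function names and the sample rows are assumptions made for the illustration.

```python
import re

def serialize_caps(roles):
    """PHP-serialize {role: bool} in the form stored under wp_capabilities."""
    body = "".join('s:%d:"%s";b:%d;' % (len(r.encode("utf-8")), r, int(bool(on)))
                   for r, on in roles.items())
    return "a:%d:{%s}" % (len(roles), body)

ENTRY = re.compile(r's:(\d+):"([^"]*)";(?:b:([01])|s:\d+:"([^"]*)");')

def parse_caps(value):
    """Return {role: bool} from a serialized capabilities value, None if malformed."""
    m = re.fullmatch(r"a:(\d+):\{(.*)\}", value, re.S)
    if not m:
        return None
    caps, pos, body = {}, 0, m.group(2)
    while pos < len(body):
        e = ENTRY.match(body, pos)
        # The declared byte length must match the key, as PHP's unserialize requires.
        if not e or int(e.group(1)) != len(e.group(2).encode("utf-8")):
            return None
        flag, text = e.group(3), e.group(4)
        # b:1 is the usual form; a non-empty string other than "0" is also truthy in PHP.
        caps[e.group(2)] = flag == "1" if flag is not None else text not in ("", "0")
        pos = e.end()
    return caps if len(caps) == int(m.group(1)) else None

def unexpected_admins(users, usermeta, expected, prefix="wp_"):
    """List (ID, login) of administrator accounts that are not in `expected`."""
    logins, found = dict(users), []
    for user_id, key, value in usermeta:
        if key != prefix + "capabilities":
            continue
        caps = parse_caps(value)
        login = logins.get(user_id, "<no wp_users row>")
        # An unparseable value is reported too, so tampering is not silently skipped.
        if (caps is None or caps.get("administrator")) and login not in expected:
            found.append((user_id, login))
    return found

# Constructed sample rows, not taken from a real site.
USERS = [(1, "siteowner"), (12, "mike"), (37, "wp_support_x")]
USERMETA = [
    (1, "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
    (12, "wp_capabilities", 'a:1:{s:10:"subscriber";b:1;}'),
    (12, "nickname", "mike"),
    (37, "wp_capabilities", 'a:1:{s:13:"administrator";s:1:"1";}'),
]
```

Feed it the rows from your own wp_users and wp_usermeta export and pass the logins you know to be legitimate as `expected`.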
Scan the website
Once you have got the admin panel back and can log in to admin, your next job will be to scan the website for vulnerabilities and clean it.
So, you can follow these steps to scan and clean the website easily.
- Install a security plugin such as Sucuri or iThemes security and scan the entire website for viruses and malware.
- Note down the infected files and fix the code that can be fixed with the help of a plugin.
- Use cPanel’s virus scanner to run a scan of the entire website. List the infected files.
- Now, you will either have to replace the infected files with the fresh files or you can check the file manually and remove the encrypted code.
- To replace the file, you can head over to the official plugin/theme page and download a new copy. Thereafter, you can replace the infected files with the fresh one that you found on the list.
- If it is the core files, you can head over to Dashboard > Updates and reinstall WordPress from there.
- To scan the files manually, look for manual code or encrypted code in each of the files. Remove that code and you are good to go.
- Rescan the website to be sure that there are no more infected files.
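For the manual scan step above, this added example (not part of the original guide or of any plugin) walks a site directory and flags PHP lines that look like encrypted or packed code, so you know which files to open first. The patterns, the 2000-character line threshold and the function names are assumptions chosen for illustration; a hit means "review this line", not "this file is infected".

```python
import os
import re
import tempfile

# Heuristics for "encrypted code": decoded data passed straight to eval,
# and long encoded blobs embedded as string literals.
PATTERNS = [
    ("eval of decoded data",
     re.compile(r"\b(?:eval|assert)\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)),
    ("long base64-like string literal",
     re.compile(r"""["'][A-Za-z0-9+/=]{200,}["']""")),
]
MAX_LINE = 2000  # packed payloads are often squeezed onto one very long line

def scan_file(path):
    """Return (path, line_number, reason) for every suspicious line in one file."""
    findings = []
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for number, line in enumerate(fh, 1):
            for reason, pattern in PATTERNS:
                if pattern.search(line):
                    findings.append((path, number, reason))
            if len(line) > MAX_LINE:
                findings.append((path, number, "line longer than %d characters" % MAX_LINE))
    return findings

def scan_tree(root, exts=(".php", ".phtml", ".inc")):
    """Scan every PHP-like file under root, in a stable order."""
    findings = []
    for folder, dirs, files in os.walk(root):
        dirs.sort()
        for name in sorted(files):
            if name.lower().endswith(exts):
                findings.extend(scan_file(os.path.join(folder, name)))
    return findings

def demo():
    """Scan two constructed files: one clean, one with a harmless obfuscated line."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "clean.php"), "w") as fh:
            fh.write("<?php\necho 'hello';\n")
        with open(os.path.join(root, "odd.php"), "w") as fh:
            # Constructed sample; the blob decodes to the harmless statement: echo 1;
            fh.write("<?php\n@eval(base64_decode('ZWNobyAxOw=='));\n")
        return [(os.path.basename(p), n, r) for p, n, r in scan_tree(root)]

if __name__ == "__main__":
    for hit in demo():
        print(hit)
```

Point `scan_tree` at a downloaded copy of the site, then compare each flagged file with a fresh copy from the official plugin or theme page before editing it.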
Alternatively, if you have a huge website, you can also consider WordPress security and maintenance services that will help you out with the entire monitoring and getting your hacked website back.
To conclude, this was all about how you can log in to admin after your WordPress is hacked. You can use any of the methods. Also, make sure you use a reliable security plugin that will monitor your website. Also, if you haven’t yet set up regularly scheduled backups, you should do it now. Regular backups will be much more helpful when something like this happens. So, make sure you have a security plugin and a backup plugin for your WordPress website.