Book a Free Call

WordPress Super-admin hack



Came across an interesting hack yesterday, which was a new one on me.

I noticed a site I had been working on had been hacked into and some redirect crap added to it.
There was some folders full of redirect junk sitting in the WP root and some nasty little redirect rules pertaining to them in the htaccess. So I get rid of all of that and went about trying to find how they got in. Nothing seemed disturbed in the functions or plugins, nor was there anything weird going on in the head or footer. Assuming there was something evil in the wp-admin or includes etc, I proceeded to try and upgrade WP but had no access in the backend. On logging in, I noticed I had my usual admin login and password, and I was the only admin user. But I had no access to plugin deactivation or WP upgrades. But my user role was good and I couldn’t see anything screwing with it, or any redirection etc blocking me other than the standard “you do not have access to this page”, even though I was admin. Looking through the folder structure, there was no mu-plugin messing with things, no unusual functions acting up. Can you guess what the problem was?

The hacker had converted the site to multisite using (presumably) the wp-config file and then given themselves super-admin access. Amazing! I just would never have thought of that. So once I removed the multisite directive in the config file I was back to a single site setup and was able to control things again.

So if you have admin but no ability to deactivate plugins or update WP version when you should, check if that sneaky hacker has actually converted your site to multisite. The cheek!

Need rapid website development:

For smaller projects at high speed


  • Adding script tag embed to Gatsby component

    Read More
  • Get more than 100 queries in GraphQL (I felt stupid)

    Read More
  • Animate on Scroll (AOS) into Nuxt js

    Read More
  • WordPress Super-admin hack

    Read More
  • Add content or ACF field under thumbnail/image gallery in Woocommerce

    Read More

Tags


Categories

Is it urgent? Donate to Cork Simon

Got an urgent issue?

Charlie's Cottage, Carrigrohane, Co. Cork, T12 WY9H

(085) 7686677