Super-admin deleted--can't log in

Hi I just installed Blogs MU Theme, http://kenyapyla.org, and now I cannot log in. All the members have been deleted including super admin. All the blogs are gone too. I tried resetting the admin password, but it does not even recognize the original email I used to install Wordpress. This happened after configuring facebook connect.Has anyone experienced this problem? Is this usual? What are the risks one need do take into account in using these themes to build an online community--in terms of stability of data.

  • Philip John

    Hiya!

    This indicates a further security issue with your install.

    Can you try deleting the Blogs MU theme from your /wp-content/themes directory and also removing any plugins from the /wp-content/plugins directory please?

    That will force de-activation of plugins and make WordPress revert to the default theme bypassing any issue with plugins or the theme.

    If you still cannot access your site, you will need to flush your database and install WordPress again.

    Phil

  • glosdata

    Hi Phil, This is skirting the issue. What you are telling me should be the last resort not the first resort. What is the cause of this "security issue"? How normal is this? You are telling me to remove the theme. That is what I am avoiding because I still want to recover my data. Stripping everything in order to get to WP has no utility to me. To tell me to start afresh means you do not have a solution. That's what I am fearing. Assume I had populated the website with thousands of members, then all of a sudden, the member numbers read 0. And the support remedy? "delete the Blogs MU theme from your /wp-content/themes directory and also remove any plugins from the /wp-content/plugins directory".

  • DavidM

    Hi glosdata,

    In response to your query of how normal this is, it's completely abnormal. What you're describing, I've not ever seen occur by simple use of any of the plugins and themes here and as Phil was saying, it definitely sounds like a security issue.

    The plugins and themes here simply do not just up and delete your users and blogs.

    [EDIT: Your other thread which I mentioned should be resolved with the latest post there. But this issue with blogs and users being deleted is something that needs looking into.]

    Cheers,
    David

  • Mason

    Hiya glosdata,

    What Phil was saying was that if data such as usernames and blogs have been deleted, this would be more likely the result of a hack on the site. Your best bet is to contact your hosting provider. Do a check of your error_logs and any other server logs available to you.

    Literally, there's no way for a theme installation or the Facebook plugin to cause a massive issue such as this one. I can only think that someone had to have deliberately done this - which sucks and may take more time to sort out. Ask your hosting provider as well about backups. Your first priority (after changing all passwords) should be to completely delete and re-upload a fresh copy of WordPress - followed by individual plugins and themes. Depending on the extent of the hack, traces and backdoors can be left in a variety of places.

    Take a look here for some guidance and useful tips:
    http://codex.wordpress.org/FAQ_My_site_was_hacked

    Let us know what you find out from your hosting provider as well.

    Thanks!

  • Jonathan

    @glosdata,

    I'm just a paying member the same as you and it does appear like you have had some sort of security breach. Ironically at the same time you installed the theme.
    Premium Wordpress Theme's in general can't possibly do the damage you're talking about. Well, it is unheard of. It seems your site has been compromised.

    Here is a topic from a little while ago, where a member got hacked... it has some links to some resources that might be worth checking out.
    https://premium.wpmudev.org/forums/topic/hacked-i-guess

    And like the support (massonjames) has indicated - check your error logs / server logs (this is the yellow brick road) to finding the cause/problem.

    And follow the advice given in the resources specified. When it comes to your admin account being hijacked - password/email changed. And data wiped. This is a very serious situation and you have my sympathy as it isn't a place anyone wants to find themselves in.

    Regards,
    Jonathan

  • Mason

    Hiya,

    As we haven't heard back from you we're going to assume the problem
    was sorted out and mark this ticket as resolved.

    If it wasn't resolved, or you have any more questions related to this
    thread please feel free to post them below and tick the 'Mark as Not
    Resolved (re-open)' box below the post area (or else we'll miss it!)

    Otherwise, thanks for using the forums, and for being a member of WPMU
    DEV, it's a pleasure to help you out and we look forward to being of
    assistance in the future.

    Thanks!

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.