Cannot access dashboard (connection reset) hacked plugin

  • Resolved Anonymouse1

    (@anonymouse1)


    10 years, 2 months ago

    Hello WP Forum,

    A site I worked on (https://natalierichter.com) was taken advantage of by the recent Revolution Slider vulnerability. Google has since blacklisted the site in search results and I suspect the hacker has made it so that I am unable to access the dashboard. All admin user passwords lead to a connection reset warning as did the password recovery option.

    I have deleted the revolution slider plugin folder via FTP (you can see the old shortcode on the home page) and I attempted to rename both the theme and plugin folders within wp-content hoping that the temporary “disabling” would allow me access- nope.

    Any help getting to the dashboard would be appreciated.

    ty

    AM1

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator James Huff

    (@macmanx)

    Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Thread Starter Anonymouse1

    (@anonymouse1)

    Hello,

    Thank you for the reply and links. I am remaining calm :). I have managed to deal with most of the hack issues through ftp, phpmyadmin, and google webmaster tools however one major problem remains- I still cannot access the dashboard through site.com/wp-admin. I am experiencing a redirect loop from wp-admin to wp-login.php with the site giving me “the connection was reset” error message after I input my credentials. Could this be a host issue?

    ty

    AM1

    Moderator James Huff

    (@macmanx)

    It is entirely possible, hosts often react in not-too-helpful ways when a hack is detected.

    Just in case it’s a lingering post-hack issue with a plugin or theme, try manually resetting your plugins. If that resolves the issue, reactivate each one individually until you find the cause.

    If that does not resolve the issue, access your server via FTP or SFTP, navigate to /wp-content/themes/ and rename the directory of your currently active theme. This will force the default theme to activate and hopefully rule-out a theme-specific issue (theme functions can interfere like plugins).

    Thread Starter Anonymouse1

    (@anonymouse1)

    Hi James,

    The good news is that I managed to resolve the problem but I had to restore a backup that predating all the problems. I’ve since installed Securi’s security plugin, removed the compromised plugin, and am checking & hardening the site.

    I appreciate the responses & suggestions you provided.

    AM1

    Moderator James Huff

    (@macmanx)

    You’re welcome!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Cannot access dashboard (connection reset) hacked plugin’ is closed to new replies.