Title: wp-phpmyadmin Last modified: August 20, 2016 --- # wp-phpmyadmin * [dudewalker](https://wordpress.org/support/users/dudewalker/) * (@dudewalker) * [14 years, 10 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/) * I just recently went through a 2 day ordeal, wherein, multiple IPs have been used to exploit the wp-phpmyadmin installation on my websites. * Apparently it created a backdoor and allowed exploits to inject code and create and { html:IFrame-PE [Trj] }. * A very persistent attacker which set off Avast Antivirus…, but no other anti- virus programs. * It took some time to determine whether the alert was valid, however, HostGator was able to verify it was an authentic alert and began digging. * It ultimately exploited these files: * > /home/********/public_html/index.php > /home/********/public_html/bakkehomes/ > index.php /home/********/public_html/wp-content/w3tc/min/index.php /home/********/ > public_html/bakkehomes.com/index.php Viewing 5 replies - 1 through 5 (of 5 total) * [davidjmcclelland](https://wordpress.org/support/users/davidjmcclelland/) * (@davidjmcclelland) * [14 years, 10 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/#post-2211716) * Had this too. Auto re-install of WordPress removed it in about 1 second. But first I had to spend 30 minutes feverishly rooting around in the site before it occurred to me : ) * [esmi](https://wordpress.org/support/users/esmi/) * (@esmi) * [14 years, 10 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/#post-2211717) * If there is a serious issue with this plugin, then please contact [plugins@wordpress.org](https://wordpress.org/support/topic/wp-phpmyadmin/plugins@wordpress.org?output_format=md) with the plugin’s name and the details of the issue. * [davidjmcclelland](https://wordpress.org/support/users/davidjmcclelland/) * (@davidjmcclelland) * [14 years, 10 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/#post-2211718) * I haven’t been able to connect this to a specific plugin. I did have an auto- resizer plugin and I uninstalled and deleted it. The exploit came back about an hour after I reinstalled WP. * [Xeronimo](https://wordpress.org/support/users/xeronimo/) * (@xeronimo) * [14 years, 9 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/#post-2211746) * Anyone found a solution to this yet?? I get re-infected too … Thanks! * [davidjmcclelland](https://wordpress.org/support/users/davidjmcclelland/) * (@davidjmcclelland) * [14 years, 9 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/#post-2211747) 1. I exported my wordpress database and downloaded all media Wiped my files from public_html Dropped WordPress DB using PHPMyAdmin Changed all passwords – WP, PHPMyAdmin, site cpanel created new WordPress manually (not using CPanel) in a different directory than used previously (drawback: existing links to my blog now go to 404 page) Changed the DB table name prefix in config to something other than “wp_”, admin account to something other than “admin” Found a plugin to relink all URLs to new location Locked down the wp-config file chmod to 600 re-imported db Virus-scanned media Uploaded media * This is a major PITA I could have avoided if I knew to do all this years ago when I set it up. WordPress needs to do a better job of hardening at install IMHO. Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘wp-phpmyadmin’ is closed to new replies. * 5 replies * 4 participants * Last reply from: [davidjmcclelland](https://wordpress.org/support/users/davidjmcclelland/) * Last activity: [14 years, 9 months ago](https://wordpress.org/support/topic/wp-phpmyadmin/#post-2211747) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics