Build Your Own Business Website header image

How to Fix a Hacked WordPress Site – Part 5 – Run the WordPress Installation Routine

Difficulty Level -

Filed Under Topics - ,

Listed Under Lesson Subjects -

Applies to -

Whoops, you've found some premium content!

Watch the opening clip of this video to preview it,
the full video is available to paid members.

In this session we show how run the WordPress installation routine which connects the new files to the old database. We need the database location, database username, database password and we have to change the admin password and the admin account. These are the things we need when we create a wp-config file.

Video Transcript

The next thing we’re going to do is run the WordPress installation and that essentially means that we’re connecting the new files to our old database. In this case, we need the database name, the database location, the database username and password. Once we’ve got that stuff connected, we’re going to go in and change our admin password and that kind of stuff.

We’ll start off by just reviving up or refreshing vashte.com. Now it brings us to the installation routine which says it doesn’t appear to be a wp-config file. We need to get that going so we’ll create a configuration file. It tells us what we need here. So we’ll just go ahead and say go. Now the database name is the database name we copied so I’ll paste that. That’s the database name. The username is the same. The password is that one. The local host is still… it was local host and the table prefix is wp so we have all the information that we need to do this now.

Okay it said it works so now it says run the install. It says we appear to already have an installed WordPress. To reinstall, please clear your old database first. All we do now is log in. Okay the administrator username here which we’re going to be changing somewhere along the line. WordPress appears to be working properly here except not quite. We don’t have Akismet.

I made the mistake of thinking that Akismet was automatically added here so we’re going to go back and we’re going to add new and we’re going to add Akismet to this while we’re here and activate here. Okay so Akismet’s back in the play. We have our stuff here. Let’s take a look at themes for a second. It’s not quite right with Thesis. Let’s see, let’s install 2011. We’re going to activate 2011. We’ll take a look at the site. Okay now we’ll activate Thesis and we’ll take a look at the site. It looks right. Something’s not quite right with our Thesis Design Options.

I’m going to come down to Thesis Design Options and hit save. Let’s see, where is that save button? Okay, it looks like the site is working properly but Thesis is definitely in need of some additional help because Thesis is not currently… let’s take a look at wp content, themes, thesis_184, custom, custom sample. Well, I think we’re going to have to double check something here then. I’m going to go ahead and I’m going to rename this.

Well, first what we’re going to do is come back over here and activate 2011. So Appearance and Themes, we will reactivate 2011. Then I’m going to move this Thesis 1.8.4 out of this folder. I’m just going to move it up to wp-content for a moment. I’m going to delete this and I’m going to come back over here to Manage Themes and refresh that. Okay, I’m going to say install themes, upload a theme, choose the file. I’m going to install Thesis from here now. Then once Thesis is installed, activate it. Okay, there we go. Now that stuff is working.

Let’s go down to Design Options. Yeah, it has saved that stuff so let’s just go ahead and… well, let’s take a look at the site first actually, see what it looks like in this state. Yeah, we need to save it. See what it looks like now. Okay, well it’s not behaving properly so now let’s go over and let’s move. See, when we refresh this now, we should have Thesis 1.8.4 there.

Let’s go back to Vashte, wp-content and themes has 1.8.4 in it. Now what we need to do is take this custom folder here and we’re going to move that custom folder from there into themes/thesis_184. So we’ll move that file. Okay, we’ll go back up one level, we go to themes, thesis_184. Now it’s got that stuff in it. So we’ll refresh this, we’ll hit save and we’ll check out our site. There we go. We’re back to normal now.

Now we have our theme installed properly. Now we’re going to change our admin account. You know, it’s really a bad idea from a security standpoint, to use your admin account as an admin. So what we’re going to do is change that account. Right now, if we come over to users, see we have 2 users. We’ve got the admin user and we’ve got the Vashte user. What we’re going to do here is create a new administrator first. We’re going to add a new user and I’m going to use rick@byobwebsite and use a strong password and I’m going to make that new user an administrator.

Now what I’m going to do is take this admin user and I’m going to make them a subscriber. Since I’m logged in the as an admin, I’m logged in to this profile right now. I’m going to have to log out of it and log in to my new profile. That’s what we’ll do next is we’ll log out, log in as my new one then we’ll come back over to users, all users.

Since I’m an admin, I can edit this admin user and make them a subscriber. Okay so we didn’t delete the user. If somebody you know, successfully hacks this admin account again, they’ll have access to a subscriber account so they won’t be able to do any damage. We’re also going to change the password. Okay, try that again. Okay, update the user. Now the admin user has been downgraded to a subscriber level and we have a new admin with a new admin name and a new admin password that will be difficult for anybody to discover.

2 Comments… add one
2 comments… add one
  • Maxine Stephenson July 26, 2012, 9:05 pm

    I’ve followed the videos up to this point. However I do not get the message re the need to create a config file as you did when you refreshed the site. Any ideas?

    • Rick Anderson July 27, 2012, 3:06 pm

      If you don’t see that message, what do you get? If WP starts up then you didn’t delete your wp-config file. If nothing happens then you may be missing core WordPress files.

Leave a Comment