What happens during a WordPress Hack is that the hacker gains access to your WordPress Website. He changes the password and the email address from the Dashboard area. Because of this you completely loose the WordPress access. You can neither log in to it, nor you can use the Lost your password? link as your email address in the CMS is also changed.
You may think that it is all over but don’t get upset as there is another way to get you the WordPress access back.
A database is a storage area where your WordPress user name and password is stored along with other information – like page & post titles, descriptions, meta information etc.
Whenever you log into the WordPress, then your ‘Username’ and ‘Password’ are matched to the ones stored in the database. If they match only then you are successfully logged in, if not a message Invalid Username or incorrect password is shown.
What I will do is that I will change this database password to a new one. The complete procedure of it is given below.
You can get the database name, username, password and host information by opening the wp-config.php file. This file is kept in your WordPress website’s root folder.
Open this file in notepad and find out the following lines given below:
/** The name of the database for WordPress */ define('DB_NAME', 'i604309_wp2'); /** MySQL database username */ define('DB_USER', 'i604309_wp2'); /** MySQL database password */ define('DB_PASSWORD', 'O@xsdpTXIP)*21(~2'); /** MySQL hostname */ define('DB_HOST', 'localhost');
The above lines tells the following things about the WordPress database –
Now we will show how to open the database using phpMyAdmin, and change the password.
You follow the steps outlined below.
STEP 1 – First log in to your hosting account and go to My Account.
STEP 2 – Open the cPanel by clicking the launch button.
STEP 3 – Find phpMyAdmin in cPanel Databases section, then click it.
STEP 4 – Locating your database.
When the phpMyAdmin screen opens, on the top left section click on the first plus sign. This will open the database names, match your database name given in define(‘DB_NAME’, ‘i604309_wp2’); as explained in the previous section, and click on the plus sign before it to open.
Here, the database name is i604309_wp2 (as given in the wp-config.php file).
STEP 5 – You will see the database tables, click on wp_users table as it stores the WordPress username and password.
Please note that the ‘wp_’ prefix comes from the setting $table_prefix = ‘wp_’. This setting is given inside the wp-config.php file.
STEP 6 – Changing the password.
You will see the user list here, just click the edit link for the one whose password you want to change. You will be shown all the information in textboxes which you can change easily. The field user_pass stores the password, user_login stores the username and user_email stores the email.
Change password and email to new ones and save them by clicking the Go button on the bottom.
Important – Please note that you have to store the MD5 value of the password in the user_pass field. You cannot store plain text.
After you have changed the password, you can now login to WordPress using your new password.
Thus in this way you can Reset WordPress Password and get back the access of the WordPress from the notorious hacker.