{"id":4800,"date":"2012-11-18T19:46:06","date_gmt":"2012-11-18T11:46:06","guid":{"rendered":"http:\/\/inertz.com\/blog\/?p=4800"},"modified":"2018-07-17T14:07:37","modified_gmt":"2018-07-17T06:07:37","slug":"wordpress-kena-hack-admin-password-kena-hack","status":"publish","type":"post","link":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/","title":{"rendered":"WordPress kena hack, admin password kena hack"},"content":{"rendered":"<p>Bagi pengguna wordpress, tentu risau kalau blog kena hack. Kadang kala kita pelik, password dah cukup kompleks tapi masih kena hack. Banyak tips-tips kat internet yang memberikan jalan macam mana nak cegah blog kena hack. Dan paling biasa kita dengar adalah menyuruh update versi skrip yang digunakan, tukar password dan sebagainya. Agak sukar juga bagi yang bukan dari later belakang IT untuk menyelesaikan masalah ni. Boleh minta bantuan pihak hosting kita juga untuk membantu.<\/p>\n<p>Kali ni aku bukanlah nak cerita pasal blog ni kena hack, tapi cara-cara nak dapatkan balik kawalan terhadap blog kalau kena hack terutamanya bila admin password telah ditukar.<\/p>\n<blockquote><p>Cara nak reset balik admin password.<\/p>\n<p>1. Boleh guna fungsi &#8216;Lost your password?&#8217; pada admin page.<br \/>\n&#8211; Hanya jika hackers tidak tukar email admin. Biasanya melalui sql injection hackers dapat tukar email atau password atau apa-apa sahaja yang diinginkan dalam database.<\/p>\n<p>2. Guna PHPMYADMIN dalam Cpanel untuk tukar password.<br \/>\n&#8211; Lihat dalam table &#8216;wp_users&#8217; dan cari user yang kita nak reset password. Contoh disini &#8216;testuser&#8217;. Klik pada bahagian edit(lihat gambar).<br \/>\n&#8211; Pilih &#8216;user_pass&#8217; daripada dropdown pilih MD5. Buang value sedia ada contohnya &#8216;$P$Bz2k.90Xuuo24YFBwHeMQhlTXdx5lb\/&#8217;. Dan gantikan dengan password kita nak. Contohnya sini saya tukar kepada &#8216;qwerty123*&#8217; dan klik GO. Password telah ditukar dan value baru adalah &#8216;d6383d35a8c11149e13c1729dcfa072b&#8217;<br \/>\n&#8211; Boleh test guna password &#8216;qwerty123* untuk login sekarang.<\/p>\n<p style=\"text-align: center;\"><a href=\"http:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/wpuser.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-4803\" title=\"wpuser\" src=\"http:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/wpuser-620x204.jpg\" alt=\"\" width=\"620\" height=\"204\" srcset=\"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/wpuser-620x204.jpg 620w, https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/wpuser-300x99.jpg 300w, https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/wpuser.jpg 999w\" sizes=\"auto, (max-width: 620px) 100vw, 620px\" \/><\/a><\/p>\n<p style=\"text-align: center;\"><a href=\"http:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4804\" title=\"md5pass\" src=\"http:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg\" alt=\"\" width=\"734\" height=\"609\" srcset=\"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg 734w, https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass-300x248.jpg 300w, https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass-620x514.jpg 620w\" sizes=\"auto, (max-width: 734px) 100vw, 734px\" \/><\/a><\/p>\n<p>3. Guna Guna PHPMYADMIN dalam Cpanel untuk tukar email.<br \/>\n&#8211; Sama macam kaedah nombor 2 tetapi tukar email.<br \/>\n&#8211; Guna kaedah nombor satu untuk reset password.<\/p><\/blockquote>\n<p>Tips-tips lain.<\/p>\n<p>1. Pastikan sentiasa buat backup terhadap theme wordpress yang kita gunakan. Database juga penting. Pastikan sentiasa ada backup.<\/p>\n<p>2. Pastikan wordpress sentiasa update.<\/p>\n<p>3. Buang plugins yang tidak dipakai. Update plugins.<\/p>\n<p>4. Periksa hosting bagi fail-fail yang pelik yang bukan kita upload. Biasanya fail ini mungkin boleh ada dalam folder uploads.<\/p>\n<p>5. Periksa fail .js(javascript) dan .htaccess dan lihat kandungan jika ada code base64. Kemungkinan injection hackers.<\/p>\n<p>6. Sesetengah plugins seperti supercache dan sebagainya menyimpan fail dalam cache. Kadangkala fail injection telah dibuang tetapi disebabkan ada cache, injection tersebut kembali setelah beberapa ketika.<\/p>\n<p>7. Sentiasa update antivirus kemungkinan virus dalam pc yang menyebabkan injection.<\/p>\n<p>8. Minta pihak hosting melakukan scanner.<\/p>\n<p>Plugins yang baik untuk wordpress.<\/p>\n<p>1. WebsiteDefender WordPress Security<\/p>\n<p>2. <a title=\"Timthumb Vulnerability Scanner\" href=\"http:\/\/wordpress.org\/extend\/plugins\/timthumb-vulnerability-scanner\/\" target=\"_blank\">TimThumb Vulnerability Scanner<\/a><\/p>\n<p>3. <a title=\"Sucuri Sitecheck Malware Scanner\" href=\"http:\/\/wordpress.org\/extend\/plugins\/sucuri-scanner\/\" target=\"_blank\">Sucuri Sitecheck Malware Scanner<\/a><\/p>\n<p>Bagi blog yang kena hack, biasanya samaada index.php telah digantikan atau terdapat index.html injection dalam blog. Biasanya ikut priority index.html atau index.htm dibaca dahulu sebelum index.php. Biasanya ini mudah digantikan dengan script baru wordpress. Dan jika masih ada hack, biasanya daripada theme. Pastikan kita sentiasa ada backup theme.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bagi pengguna wordpress, tentu risau kalau blog kena hack. Kadang kala kita pelik, password dah cukup kompleks tapi masih kena hack. Banyak tips-tips kat internet yang memberikan jalan macam mana nak cegah blog kena hack. Dan paling biasa kita dengar adalah menyuruh update versi skrip yang digunakan, tukar password dan sebagainya. Agak sukar juga bagi [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4804,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,3],"tags":[4401,551,3585,4402,209],"class_list":["post-4800","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-artikel","category-misc","tag-admin","tag-hack","tag-kena","tag-password","tag-wordpress"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Wordpress kena hack, admin password kena hack - https:\/\/inertz.com\/blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Wordpress kena hack, admin password kena hack - https:\/\/inertz.com\/blog\" \/>\n<meta property=\"og:description\" content=\"Bagi pengguna wordpress, tentu risau kalau blog kena hack. Kadang kala kita pelik, password dah cukup kompleks tapi masih kena hack. Banyak tips-tips kat internet yang memberikan jalan macam mana nak cegah blog kena hack. Dan paling biasa kita dengar adalah menyuruh update versi skrip yang digunakan, tukar password dan sebagainya. Agak sukar juga bagi [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/\" \/>\n<meta property=\"og:site_name\" content=\"https:\/\/inertz.com\/blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/facebook.com\/inertz\" \/>\n<meta property=\"article:author\" content=\"https:\/\/web.facebook.com\/inertz\" \/>\n<meta property=\"article:published_time\" content=\"2012-11-18T11:46:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-07-17T06:07:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"734\" \/>\n\t<meta property=\"og:image:height\" content=\"609\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/inertz\" \/>\n<meta name=\"twitter:site\" content=\"@inertz\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Wordpress kena hack, admin password kena hack - https:\/\/inertz.com\/blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/","og_locale":"en_US","og_type":"article","og_title":"Wordpress kena hack, admin password kena hack - https:\/\/inertz.com\/blog","og_description":"Bagi pengguna wordpress, tentu risau kalau blog kena hack. Kadang kala kita pelik, password dah cukup kompleks tapi masih kena hack. Banyak tips-tips kat internet yang memberikan jalan macam mana nak cegah blog kena hack. Dan paling biasa kita dengar adalah menyuruh update versi skrip yang digunakan, tukar password dan sebagainya. Agak sukar juga bagi [&hellip;]","og_url":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/","og_site_name":"https:\/\/inertz.com\/blog","article_publisher":"https:\/\/facebook.com\/inertz","article_author":"https:\/\/web.facebook.com\/inertz","article_published_time":"2012-11-18T11:46:06+00:00","article_modified_time":"2018-07-17T06:07:37+00:00","og_image":[{"width":734,"height":609,"url":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/inertz","twitter_site":"@inertz","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#article","isPartOf":{"@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/"},"author":{"name":"admin","@id":"https:\/\/inertz.com\/blog\/#\/schema\/person\/d27d47b78673d67d4de15a57cd609ed9"},"headline":"WordPress kena hack, admin password kena hack","datePublished":"2012-11-18T11:46:06+00:00","dateModified":"2018-07-17T06:07:37+00:00","mainEntityOfPage":{"@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/"},"wordCount":435,"commentCount":1,"publisher":{"@id":"https:\/\/inertz.com\/blog\/#organization"},"image":{"@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg","keywords":["admin","hack","kena","password","wordpress"],"articleSection":["artikel","misc"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/","url":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/","name":"Wordpress kena hack, admin password kena hack - https:\/\/inertz.com\/blog","isPartOf":{"@id":"https:\/\/inertz.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#primaryimage"},"image":{"@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg","datePublished":"2012-11-18T11:46:06+00:00","dateModified":"2018-07-17T06:07:37+00:00","breadcrumb":{"@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#primaryimage","url":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg","contentUrl":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2012\/11\/md5pass.jpg","width":"734","height":"609"},{"@type":"BreadcrumbList","@id":"https:\/\/inertz.com\/blog\/wordpress-kena-hack-admin-password-kena-hack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/inertz.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress kena hack, admin password kena hack"}]},{"@type":"WebSite","@id":"https:\/\/inertz.com\/blog\/#website","url":"https:\/\/inertz.com\/blog\/","name":"https:\/\/inertz.com\/blog","description":"19 tahun blog belum pupus","publisher":{"@id":"https:\/\/inertz.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/inertz.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/inertz.com\/blog\/#organization","name":"https:\/\/inertz.com\/blog","url":"https:\/\/inertz.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/inertz.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2021\/05\/server.png","contentUrl":"https:\/\/inertz.com\/blog\/wp-content\/uploads\/2021\/05\/server.png","width":512,"height":512,"caption":"https:\/\/inertz.com\/blog"},"image":{"@id":"https:\/\/inertz.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/facebook.com\/inertz","https:\/\/x.com\/inertz"]},{"@type":"Person","@id":"https:\/\/inertz.com\/blog\/#\/schema\/person\/d27d47b78673d67d4de15a57cd609ed9","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/inertz.com\/blog\/wp-content\/litespeed\/avatar\/9cb42e3829b77fd9cc6fefd707ea0f1a.jpg?ver=1780245170","url":"https:\/\/inertz.com\/blog\/wp-content\/litespeed\/avatar\/9cb42e3829b77fd9cc6fefd707ea0f1a.jpg?ver=1780245170","contentUrl":"https:\/\/inertz.com\/blog\/wp-content\/litespeed\/avatar\/9cb42e3829b77fd9cc6fefd707ea0f1a.jpg?ver=1780245170","caption":"admin"},"sameAs":["http:\/\/inertz.com\/blog","https:\/\/web.facebook.com\/inertz","https:\/\/www.instagram.com\/inertz\/","https:\/\/www.linkedin.com\/in\/inertz\/","https:\/\/x.com\/https:\/\/twitter.com\/inertz"],"url":"https:\/\/inertz.com\/blog\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/posts\/4800","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/comments?post=4800"}],"version-history":[{"count":0,"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/posts\/4800\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/media\/4804"}],"wp:attachment":[{"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/media?parent=4800"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/categories?post=4800"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/inertz.com\/blog\/wp-json\/wp\/v2\/tags?post=4800"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}