Wordpress admin interface lost its style
March 1, 2012 9:17 AM
Suddenly, and for no obvious reason, my Wordpress installation seems to have lost its style sheets for all of the admin interface. The blog is fine, by the way. What the heck do I do to fix it?
This is the latest version, 3.3.1, on Dreamhost, if that matters. I've been using Wordpress for years and nothing like this has ever happened before. Everything works, oddly enough, but it's hard to visually parse.
Response by poster: Running WP Exploit Scanner I'm seeing a lot of:
<>
I'm not a PHP expert, but this seems odd. Could this be it?
posted by tommasz at 9:57 AM on March 1, 2012
Response by poster: Dang, the code was removed. It's basically an eval() expression with a long base64 string after it.
posted by tommasz at 9:58 AM on March 1, 2012
Best answer: Any time you see an eval() expression with base64 inside, you've been hacked.
I found a blog post with more information: If you get eval(base64 hacked on wordpress/dreamhost. Haven't had time to check out his instructions, but they look OK at a glance.
posted by expialidocious at 10:08 AM on March 1, 2012
Best answer: oh dear lord, that ain't never good. If I was a betting man I'd bet you got yourself injected. Get rid of everything and start over, that is, delete all your plugins and WP files, and reinstall.
posted by Blake at 10:09 AM on March 1, 2012
Best answer: You might also look for extra admin users in your database. And change database passwords when you reinstall.
posted by expialidocious at 10:12 AM on March 1, 2012
Response by poster: I deactivated all of the plugins and the problem with the admin interface went away. I then deleted all of my plugins and themes, re-installed Wordpress and then cleaned up the remaining instances of that eval() code littered amongst the remaining php files. I also deleted the admin user, redid all of the passwords, including mysql and now it's okay.
I saved a list of all the plugins I use so I can reinstall them one by one. This definitely hasn't been much fun but it was enlightening, to say the least. Thanks for the guidance.
posted by tommasz at 11:09 AM on March 1, 2012
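A read-only check for the pattern discussed in this thread, an eval() wrapped around a long base64 string in PHP files, is sketched below as an added example; it is not part of the original thread or any poster's code. The sample file names, the payload, the suffix list and the 40-character threshold are constructed assumptions.

```python
import re
import tempfile
from pathlib import Path

PHP_SUFFIXES = {".php", ".phtml", ".inc"}  # assumed list of PHP file suffixes

# eval( ... base64_decode('<long literal>') with optional wrappers such as
# gzinflate( in between. The 40-character minimum is an assumed threshold.
INJECTION = re.compile(
    rb"eval\s*\(\s*(?:@?\w+\s*\(\s*)*base64_decode\s*\(\s*"
    rb"['\"]([A-Za-z0-9+/=\s]{40,})['\"]",
    re.IGNORECASE,
)


def scan_tree(root):
    """Return sorted (relative path, line number, payload length) tuples."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in PHP_SUFFIXES:
            continue
        data = path.read_bytes()  # bytes, so odd encodings cannot hide a match
        for m in INJECTION.finditer(data):
            line = data.count(b"\n", 0, m.start()) + 1
            hits.append((path.relative_to(root).as_posix(), line, len(m.group(1))))
    return sorted(hits)


def scan_sample():
    """Build a constructed sample tree in a temp dir and scan it."""
    payload = "QUJD" * 20  # constructed 80-char base64 text ("ABC" repeated)
    files = {
        "wp-admin/index.php":
            f"<?php eval(base64_decode('{payload}')); ?>\n<?php // admin code\n",
        "wp-content/plugins/demo/demo.php":
            f"<?php\n/* Plugin Name: Demo */\n\neval(gzinflate(base64_decode(\"{payload}\")));\n",
        "wp-includes/clean.php":
            "<?php $raw = base64_decode($_POST['data']); // legitimate use\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, text in files.items():
            target = Path(tmp) / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(text)
        return scan_tree(tmp)


if __name__ == "__main__":
    for rel, line, size in scan_sample():
        print(f"{rel}:{line}: eval(base64_decode(...)) with {size}-char payload")
```

Point scan_tree() at a copy of the site's files; it only reads them and never decodes or executes what it finds.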
Response by poster: I use both LastPass and KeePass, the latter because I have a number of PINs and passwords that I need to remember for work that aren't web-based. All of my new passwords were generated by KeePass (which I have on my work Win 7 PC, my Android phone and my home Mac).
The only caveat is that some services are particularly picky about which non-alphabetic characters they'll accept. Luckily, both LastPass and KeePass allow you to modify the characters used to fit just about any set of requirements.
posted by tommasz at 7:01 AM on March 2, 2012
Also, this could mean you've been hacked. *COULD* though may also be nothing, so keep that in mind. Install one of those Wordpress security scanner plugins.
posted by Blake at 9:36 AM on March 1, 2012