Fixing the Hetzner Hack

A lot of password resetting

HetznerIf you run a WordPress website and host it on Hetzner you will have heard about their Konsoleh client portal being compromised by a Hack into their SQL database…Although noone seems entirely clear as to how this security breach can affect us, it would be wise to follow their instructions and reset your ftp passwords and your database passwords.

The ftp password is quite simple to update, but if you are running a WordPress website you will need to update the database password as well. Log into Konsoleh, navigate to > Manage Services > Databases > Manage MySQL. Select the database to edit and in the password field enter the new password. Its advisable to use a strong password generator . Keeping this password on hand log onto your ftp server and download the file usually found in public_html called wp-config.php . (Otherwise it is found in the core files of your wordpress folder)

In this file you will need to change the database password found in the following string of the file  (‘DB_PASSWORD’, ‘password_changed_here’) to the password you have just updated in Konsoleh.

It’s fairly simple, save the file and re-upload it to the server where you fetched it from. Check your site, if you encounter an error such as ‘DATABASE ERROR ESTABLISHING CONNECTION’ this simply means the passwords were not set correctly or there was some error in copy pasting to the file you updated.

During the course of today whilst updating the passwords on all my clients sites this error occurred a few times. Although I was extremely careful, sometimes it just required that I deleted the old wp-config.php file and uploaded the new one, or in other instances just reset the password on the server.

I would like to emphasize that I have every confidence in Hetzner and this security breach has only benefited them in becoming even more secure.

If anyone requires my assistance, as this is a long and tedious process if you have many sites hosted on the Hetzner Server, don’t hesitate to call The First Step.

Good Luck!



WordPress Training in Cape Town

The First Step offers WordPress training to anyone wanting to have more control over their WordPress website, Blogsite, Ecommerce shop or website.

Training is provided on a 1 to 1 basis either over Skype or at our offices. You can decide on the length of your training. Ideally you will need your own computer, laptop, Ipad or even a phone but this is a little more tricky to acheive training. We are based in Hout Bay, Cape Town, but distance is no problem. Download Skype and we can assist you just as easily by sharing our screens with you as you learn the different areas of your WordPress dashboard and what each one can do.

WordPress has a very clear interface and with a little perserverence you will be mastering your own site in no time.

A few valuable resources will help get you on your way. These will be specified below.

Firstly you need to know how to login to your WordPress website.  In most instances unless you have changed the login url for security reasons, you can reach your dashboard by appending your domain name with /wp-admin


You will be prompted to enter your username and password.

You will need to enter your Website username and password to log in. Once logged in your dashboard can be momentarily overwhelming. Just focus on the menu on the left hand side of your dashboard. You are looking for Pages or Posts.

Click on either of these links and you will be able to edit an old page or post or start a new one.

Many people start their own WordPress site at . Here your website hosting is free and you have a variety of templates to choose from and limited functionality, but this is a great place to start familiarizing yourself with WordPress. Even so, it can become daunting and the once great intentions to build, master and host your own side and side step a web developer can be sidelined and all but forgotten.

Don’t lose hope. An hour or two of WordPress training at The First Step will get you back on your feed and running your own site, blog or online business like you are a pro! Don’t be daunted, take WordPress by the healm and master the most versatile publishing platform on the web.

Good luck from The First Step.


WordPress Hacked

How do I fix a hacked site? WordPress….

Did you recently receive an email from your service provider informing you that they have temporarily taken your site down due to security vulnerabilities and a hack?

This is quite a serious situation to be in. Not only is your website taken off-line, but the integrity of your business is compromised by hackers with malicious intent to use your site to farm traffic to their own often unethical websites.

This issue needs to be addressed immediately by someone with a good knowledge of recovering your website from a hack.

The First Step is experienced in fixing WordPress websites that have been hacked and compromised. A number of steps will be taken to clean up the bad content and in some instances this will require removing WordPress Plugins that are vulnerable to hacks and replacing them with new ones.

Once your website is back up we will add security plugins to keep hackers out and your content safe. Essentially you should have your website monitored and constantly updated to keep up with new security releases of your WordPress version and your WordPress plugins.

Having a secure WordPress Website is securing your online business.

Contact The First Step to secure your website against attackers.