Create a New WordPress Admin Database User
If your website becomes compromised, one of the things the criminals may do in hopes of preventing you from fixing the hack is to block your administrative privileges on your site. If that happens, you will need to create a new administrative user in your WordPress database. Before doing so, however, it is an absolute necessity to back up your database. In the event you don’t know how, the following 2 resources should prove helpful:
Backing Up Your Database with phpMyAdmin
&, if your database is too large for that or if you just find it quicker:
Backing Up Your Database from the-command-line
Now that you’ve backed up your database (you haven’t been stupid & skipped that, right? Don’t blame me if so & something bad happens), let’s create a new user. We’ll actually be working w/2 tables to do this–the users table & the usermeta table.
- Log into your control panel, then go to phpMyAdmin.
- Select the database you need to use. You can open your site’s wp-config.php file to view the name of the database if you’re unsure. To do so, scroll down to the database name. In my case, it’s abletec_msbh.
- Once the database is selected, go to the _users table. There will be a prefix before it, i.e., wp_users, but since this varies from site to site, I won’t include it.
At this point, you have 3 choices. You can either click the ‘Insert’ tab, check the box beside the user you wish to copy & press the ‘Copy’ button, or click the copy link associated w/the user you wish to copy. Copying a user may be somewhat easier, but, in the final analysis, it’s up to you, & the steps are similar in all cases. I chose the last option. The following screen appears.
- The first field is the user_id. You will need to take note of it when you work w/the usermeta table. The database will actually auto increment the number for you, as this is a primary key & therefore must be unique. So you have a couple choices here. You can determine by looking how many users you have & either enter the next number above it or don’t enter anything at all & let the database do its auto incrementing thing. You can also enter a number well above the number of users you feel you have, so if you think you have no more than 500 users, enter 600, for example. As mentioned earlier, every user_id must be unique, & it will create mucho problems if you overwrite a user_id, both for you & for that particular user. In my case, I entered 2, as I’m currently the only user on this site, since it’s new, & I’ve discouraged search engines from crawling it until I’m ready to let it go live.
- The second field is the user login name. User login names cannot be identical, so, if you copied the user, change the login name here. I changed mine from abletec to jackie.
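- The 3rd field is the password. Type in your password, then click in the Functions list box & choose MD5. This will create a hash of the password so that it’s not stored in the database as plain text. WordPress accepts an MD5 hash at login & replaces it w/its own stronger hash the first time you log in w/that password.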
- The next field is user_nicename. I’ll use the same as my login name here (except to capitalize the J), but you can make it whatever you’d like.
- The next field, user_email, is another of those fields which cannot contain duplicates, so change this to an email address to which you have access. Create 1, if need be, but not on your server, since you cannot be certain precisely how far the compromise extends. GMail is a good option for this.
The rest of the fields can be left alone, though I’ve chosen to change my display name to “Jackie McBride” as opposed to “abletec” for the previous user.
Once done, press the ‘Go’ button. You’ll be returned to the users table, w/the new user row you just created.
Next, we’ll go to the usermeta table. Select the database you’re using as in step 2 above, then click the usermeta table. Because there are a fair number of rows in this table, most of which we won’t be using, we’re going to click the ‘Insert’ tab & forget about copying anything. Once we do, the following screen appears:
- The first field w/which you’re presented is umeta_id. As w/the userID in the users table, the umeta_id will auto increment, so don’t enter anything.
- The 2nd field is the user_id, which in my case was 2. Yours is whatever you took note of when you created a new user.
- The next field has a column name of ‘meta_key’. In the edit box for that column, type YourWordPressTablePrefix_capabilities. In other words, if your WordPress table prefix is wp_ simply type wp_capabilities. If, however, it’s wpq8_, (and it’s often standard practice with autoinstallers to modify the table prefix to something other than just wp_), then you’ll need to type the entire table prefix, wpq8_capabilities as in the example. Failure to do so will log you into the site, but the dashboard will be absent. Please don’t ask me how I know.
- The next column is entitled meta_value; in its associated edit field, type a:1:{s:13:"administrator";b:1;} exactly as shown. Another word of warning here–make sure the quote marks are straight quotes. If you copied and pasted material from a website, (including this one, unfortunately), the quotes might be smart or curly quotes, and that may or may not work out well. Again, don’t ask how I know this. If you have doubts, enter the quotes from the keyboard–hold down the shift key and press the key just to the right of the semicolon.
You’ve finished that row, so let’s go to the next.
- Leave the umeta_id field blank.
- Enter the ID of the user you created initially again in the user_id column.
- In the meta_key column, enter wp_user_level.
- In the meta_value column, enter 10.
This is all that’s required to set up a new administrative user. Click the ‘Go’ button to save your changes. You can now log into the dashboard with your new administrative user credentials. Incidentally, feel free to copy & paste values like wp_capabilities, the meta_value, which is really long & complicated, etc. Just be sure spaces aren’t selected at the beginning or end of these values if you do so, and beware special characters. I tried to format this post to make it both possible & easy to do.
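A check for the capabilities-row pitfalls described above (the table prefix in the meta_key, straight quotes and stray spaces in the meta_value), as an added example that is not part of the original post. The function names and the sample rows are constructed for illustration.

```python
import re

def serialize_capabilities(role="administrator"):
    """Build the PHP-serialized array WordPress stores in <prefix>capabilities."""
    # PHP's s:N counts bytes, not characters, so measure the UTF-8 encoding.
    return 'a:1:{s:%d:"%s";b:1;}' % (len(role.encode("utf-8")), role)

# Matches exactly one role entry: a:1:{s:<len>:"<role>";b:1;}
_CAPS = re.compile(r'a:1:\{s:(\d+):"([^"]*)";b:1;\}')

def check_capabilities_row(table_prefix, meta_key, meta_value):
    """Return a list of problems with a usermeta row; an empty list means it looks right."""
    problems = []
    expected_key = table_prefix + "capabilities"
    if meta_key != expected_key:
        problems.append("meta_key should be %r, got %r" % (expected_key, meta_key))
    if meta_value != meta_value.strip():
        problems.append("meta_value has leading or trailing whitespace")
    if any(q in meta_value for q in "\u201c\u201d\u2018\u2019"):
        problems.append("meta_value contains curly quotes; retype them as straight quotes")
    m = _CAPS.fullmatch(meta_value.strip())
    if m is None:
        problems.append("meta_value is not a one-role serialized array")
    elif int(m.group(1)) != len(m.group(2).encode("utf-8")):
        problems.append("declared length %s does not match role %r" % (m.group(1), m.group(2)))
    return problems

# Constructed sample rows: (table prefix from wp-config.php, meta_key, meta_value)
SAMPLES = [
    ("wp_", "wp_capabilities", serialize_capabilities()),
    ("wpq8_", "wp_capabilities", 'a:1:{s:13:"administrator";b:1;}'),
    ("wp_", "wp_capabilities", "a:1:{s:13:\u201dadministrator\u201d;b:1;}"),
]

if __name__ == "__main__":
    for prefix, key, value in SAMPLES:
        print(prefix, key, check_capabilities_row(prefix, key, value) or "OK")
```

Run it on the values you are about to paste into phpMyAdmin; the 13 in s:13 is the byte length of the word administrator, which is why a changed quote character or role name makes WordPress reject the value.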