You have a backdoor. A hacker installed a hidden admin user or a "shell" script. Check your wp_users table for unknown usernames (like prankster123 ). Delete them. Also, delete any unused admin accounts.
The term taps into two very different worlds. On one side, it refers to a harmful social media trend in Indonesia, where content creators target ojek online (online motorcycle taxi) drivers with cruel pranks. On the other, it points to a technical need: fixing a WordPress site after installing an ill‑advised prank plugin. This article first unpacks the phenomenon of prank ojol—what it is, why it is so damaging—and then provides a complete, step‑by‑step guide to repairing a WordPress website affected by such pranks, focusing on the widely known WP Pranks plugin. prank ojol wordpress fix
If you are using WooCommerce, you can add a custom code snippet to your theme's functions.php file (or use a plugin like Code Snippets ) to enforce Indonesian phone format compliance (e.g., prefixes starting with +62 or 08 ): You have a backdoor
Install a dedicated WordPress plugin like or reCAPTCHA for WooCommerce . Delete them
The "Prank Ojol" phenomenon—where users abuse online delivery order forms (commonly associated with Indonesian ride-hailing services like Gojek and Grab, known locally as Ojek Online or Ojol )—frequently targets vulnerable WordPress websites. Bad actors script bots or manually exploit unsecured checkout, booking, or contact forms to spam fake orders. This damages your site's reputation, wastes administrative resources, and can tank your server performance.