People spamming Posts on my wordpress blog, but how?

[innocent07]

I made a post to my wordpress blog 4 days ago, and have gone back on it now and have found that it has spam posts (posts i didnt write) and these are in French. - These are Posts, and not comments, (- just clearing that up)

How did somebody else post posts on my wordpress blog (which i have a username/password log in)

has anybody else experienced this?

and how can i stop people from posting on my blog, and posting these spam posts? (i thought i was the only one who can write/post on it)

NB I am not on about people posting Spam comments, but people are actually posting threads on my blogs which are in french.

[great_yalta]

Install an anti spam plug in such as 'can you do math'. Wordpress plugin search.

[BloomerBeak]

how is this possible? My friend's blog also got this.

[innocent07]

Quote:

Originally Posted by BloomerBeak

how is this possible? My friend's blog also got this.

Yes, how is this possible? i found it strange,.... visitors cant post on peoples private blogs, can they ?

[patJ]

Uh, they hacked your blog perhaps? Update WP if you haven't already. Then change your password and login. Perhaps you should even hide your wp-admin folder.

[Eric Lorence]

Unless they cracked your password, or your settings allow guest posters.

First change you login password to a strong one, update Wordpress to the latest version.

Create a new administrator user name and password, then login with that name, and delete the old "admin" user.

Go into users, and make sure all new members are at the "subscriber" level when the sign up.

[IM Headlines]

Maybe your blog got hacked? I don't know... You should install some anti spam plug-in. There's one that's really good, I can't remember it's name though.

You should search for it on google

[innocent07]

Quote:

Originally Posted by a-marketing

Maybe your blog got hacked? I don't know... You should install some anti spam plug-in. There's one that's really good, I can't remember it's name though.

You should search for it on google

can you try finding-searching for it for me please... go on

[BloomerBeak]

hmmm..thanks. I'll suggest to my friend to do some research. hehe

[innocent07]

Quote:

Originally Posted by Eric Lorence

Unless they cracked your password, or your settings allow guest posters.

First change you login password to a strong one, update Wordpress to the latest version.

Create a new administrator user name and password, then login with that name, and delete the old "admin" user.

Go into users, and make sure all new members are at the "subscriber" level when the sign up.

Thanks people n eric.

Can you change your wordpress username ? I thought admin was the only one of the blogs owner?

Where do you go to change username?

and installing a new version of Wordpress- will that delete all my posts? or transfer them to the new version?

and is it an automatic transfer?

Get back in a bit of detail, if you can please.

[innocent07]

Quote:

Originally Posted by flimsy

Hi,

I have noticed that many wordpress blog owners complain about that spam comment issue.

it isnt a Spam comment issue, - people are actually posting threads on my blogs (like they have access to post) - when they dont have access, only I have access, as the blog manager.

[Bob Monie]

Quote:

Originally Posted by great_yalta

Install an anti spam plug in such as 'can you do math'. Wordpress plugin search.

I don't think a spam plug in will fix this issue. It appears to be a blatant hack, becuase it effects posts not comments. This is probably due to them cracking the login details.

Custom software that these hackers have made, automatically scout the web for new blogs, then automatically crack the passwords, then automatically post spam posts. This is all while the scum hackers are sleeping.

apparently 80% of wordpress blogs that have been manually installed on the internet, have the defult user name of "admin". This is a big security floor and makes it million times easier for a hacker.

Its a pain in the ass that you have to do a new install on a clean database to change your user name. Well I think you do.

I love wordpress so much and would never use another static website ever again if i get my way. There are just so many security issues to deal with.

In the last month alone iv had my webhosting account hacked and countless php files uploaded to 30 of my wordpress domains.

my .htaccess file in my home directory had some weird search engine traffic redirect uploaded to it. This inturn redirected all search engine traffic from my 30 addon domains to their stupid site. Took me 5 days to find the issue because my sites still appeared to be working fine.

had dodgy javascript inserted into my php files so it appeared that my site had a virus. Google then listed my site as dangerous.

So stressfull and waste so much of my time trying to keep these security breaches under control with 30 blogs.

Just be very wary of these issues.

[Johnathan]

Quote:

Originally Posted by innocent07

I made a post to my wordpress blog 4 days ago, and have gone back on it now and have found that it has spam posts (posts i didnt write) and these are in French. - These are Posts, and not comments, (- just clearing that up)

How did somebody else post posts on my wordpress blog (which i have a username/password log in)

has anybody else experienced this?

and how can i stop people from posting on my blog, and posting these spam posts? (i thought i was the only one who can write/post on it)

NB I am not on about people posting Spam comments, but people are actually posting threads on my blogs which are in french.

What is your site URL, and what version of wordpress are you using?

Chances are they've found some simple php exploit.

[Eric Lorence]

You can't "change" the default "admin" user name, but you can create a new administrator account under "users".

Create the account with a unique user name, and give that account administrator privileges and a strong password (P_@sSw0R-d).

Then log out, and log in again under the new user name, it is important to delete the "admin" user account once you're done.

[stateless]

It definitely sounds like your WP has been hacked. I do tend to rceeive lots of wordpress comments, but as I moderate, I delete them all before they actually make the blog.

[houdy]

... again this has noting to do with comments... geezzzz...

After doing what Eric just said, when you delete the old admin user you will get prompted to delete the posts of the admin user or transfer them to another user. Just choose to move them to the new user account.