8 {{ upvoteCount | shortNum }}
8 {{ upvoteCount | shortNum }}

Wordpress Security Issue - Somebody published as admin

by Linens
7 replies
  • WEB DESIGN
    • |
Hi,

Security Issue in my wordpress blog.

Today, i got mail that one post is published on my blog in the night which i did not published.

and more shocking is - its published my admin (my id)

I am already using these security plugins - akismet, jetpack, login captcha, loginizer.

now my questions is -

how to check and block this person for entering into my website again? i guess changing password immediately, any way to track and block IP address of this person? if i check location in analytics and block readers from that city....is it right strategy?

Further, what all plugins to install to prevent such issues in future? and to track future activities?

Please advice. Its urgent.

Thanks & Regards
#admin #issue #published #security #wordpress
  • Profile picture of the author healthproblog
    [DELETED]
    {{ DiscussionBoard.errors[10914132].message }}
  • Profile picture of the author Wordsmith11
    Install cache plug in immediately and file a complain regarding him and use secure data base for your website
    {{ DiscussionBoard.errors[10914264].message }}
  • Profile picture of the author JohnAdam1
    Recently there was a report published by on the internet that in 2016, 16000 word press websites were hacked. After the research they were able to conclude that the applications were hacked not because of core WordPress vulnerability, but most of these websites were using outdated plugins.Maybe you are using a outdated plugin in your website.
    Signature

    John Adams
    Classic PDF|| Best PDF converter/Editor

    {{ DiscussionBoard.errors[10914485].message }}
  • Profile picture of the author Linens
    What i did immidiately is -

    - i removed him from users as he registered himself as admin
    - channed my own password
    - installed cache plugin and activity log plugin
    - i remained his post on my site but now its showing on my name as i removed him from users and i deleted all backlinks from post... i guess he did all this for dofollow backlinks.

    Now i saw that he tried to login multiple times with login failed as shown in activity log and then he mailed me that -

    "I can see that there is a blog posted in your website with this URL .....

    Being the writer of this article and with proper licensing of photos, I would like to ask an attribution on the article and photos.

    I have a license of the photo used in your website and have captured a screenshot which will be reported for DMCA violations if you cannot comply on this.

    Deletion of the photo will not be an excuse as this has already been used in your site with no proper permission

    Please restore link to the following site ..........

    Also photos should be attributed to link back to the website as they have been taken by our in house photographer for the company's use"

    He first registered and published post on my site without my information and permission. and now blackmailing me saying i can not delete this post and have to attribute and link back.
    • How to handle this case?
    • Did i make mistake removing him from users and keeping his post?
    • Should i remove the post and get out of this?
    • Can i check image and post attribution? what detail scan i ask to verify it?
    • Actually what is the right way to handle such cases?

      whom to complain for this? and how?

      as he said, if he complains for me, how can it impact me?

      Sorry these are dumb questions, but first time i am facing such issue .... would be great learning for future
    Signature
    Linens'n'Curtains - Customized Shabby Chic Bedding Store
    CHANAP - Home Decor Ideas | Animation Videos
    {{ DiscussionBoard.errors[10916358].message }}
  • Profile picture of the author SummerDaze
    How does he have admin access anyway?

    If you have given this to him than this is probably your fault however if he has obtained the log in details without your permission than you need to change the log ins (which you have done) and ensure you create accounts for anyone else who will be uploading to your site.

    I have had people try and get into my site as admins a few times now and each time I get an email warning me. I also have the latest plug ins and don't share the passwords with anyone.

    I think you need to provide more info in this case.

    His request is only fair if you gave him your password, however if it was only up there for a short time and you didn't give him permission to publish it then his threat is invalid.

    I would have a clear agreement with anyone who is publishing on your account from now on, as what he is requesting doesn't make a lot of sense.
    {{ DiscussionBoard.errors[10916414].message }}
    • Profile picture of the author Linens
      Originally Posted by SummerDaze View Post

      How does he have admin access anyway?

      If you have given this to him than this is probably your fault however if he has obtained the log in details without your permission than you need to change the log ins (which you have done) and ensure you create accounts for anyone else who will be uploading to your site.

      I have had people try and get into my site as admins a few times now and each time I get an email warning me. I also have the latest plug ins and don't share the passwords with anyone.

      I think you need to provide more info in this case.

      His request is only fair if you gave him your password, however if it was only up there for a short time and you didn't give him permission to publish it then his threat is invalid.

      I would have a clear agreement with anyone who is publishing on your account from now on, as what he is requesting doesn't make a lot of sense.
      i did not given any access. it is just that being newbie on wordpress, i am learning and working. My setting was wrong where selected anyone can register and admin was there in option. So it was lack of knowledge and mistake. and after this thing I searched internet and immediately made all these changes.

      I never knew this man and he came from somewhere, registered and published and next day i got a mail that new post is published on your site.

      That guy as per his IP address (180.190.79.107) is from Phillipines, his name is louiedimaano .

      I am learning from mistakes. but also want to know how to handle it.
      Signature
      Linens'n'Curtains - Customized Shabby Chic Bedding Store
      CHANAP - Home Decor Ideas | Animation Videos
      {{ DiscussionBoard.errors[10916420].message }}

Trending Topics