Wordpress Security Issue - Somebody published as admin

by 7 replies
8
Hi,

Security Issue in my wordpress blog.

Today, i got mail that one post is published on my blog in the night which i did not published.

and more shocking is - its published my admin (my id)

I am already using these security plugins - akismet, jetpack, login captcha, loginizer.

now my questions is -

how to check and block this person for entering into my website again? i guess changing password immediately, any way to track and block IP address of this person? if i check location in analytics and block readers from that city....is it right strategy?

Further, what all plugins to install to prevent such issues in future? and to track future activities?

Please advice. Its urgent.

Thanks & Regards
#website design #admin #issue #published #security #wordpress
  • [DELETED]
    • [ 1 ] Thanks
    • [1] reply
    • No.... which one is better? i will install. preferably free
  • Install cache plug in immediately and file a complain regarding him and use secure data base for your website
    • [ 1 ] Thanks
    • [1] reply
    • How and where to file complain?
  • Recently there was a report published by on the internet that in 2016, 16000 word press websites were hacked. After the research they were able to conclude that the applications were hacked not because of core WordPress vulnerability, but most of these websites were using outdated plugins.Maybe you are using a outdated plugin in your website.
    • [ 1 ] Thanks
  • What i did immidiately is -

    - i removed him from users as he registered himself as admin
    - channed my own password
    - installed cache plugin and activity log plugin
    - i remained his post on my site but now its showing on my name as i removed him from users and i deleted all backlinks from post... i guess he did all this for dofollow backlinks.

    Now i saw that he tried to login multiple times with login failed as shown in activity log and then he mailed me that -



    He first registered and published post on my site without my information and permission. and now blackmailing me saying i can not delete this post and have to attribute and link back.
    • How to handle this case?
    • Did i make mistake removing him from users and keeping his post?
    • Should i remove the post and get out of this?
    • Can i check image and post attribution? what detail scan i ask to verify it?
    • Actually what is the right way to handle such cases?

      whom to complain for this? and how?

      as he said, if he complains for me, how can it impact me?

      Sorry these are dumb questions, but first time i am facing such issue .... would be great learning for future
  • How does he have admin access anyway?

    If you have given this to him than this is probably your fault however if he has obtained the log in details without your permission than you need to change the log ins (which you have done) and ensure you create accounts for anyone else who will be uploading to your site.

    I have had people try and get into my site as admins a few times now and each time I get an email warning me. I also have the latest plug ins and don't share the passwords with anyone.

    I think you need to provide more info in this case.

    His request is only fair if you gave him your password, however if it was only up there for a short time and you didn't give him permission to publish it then his threat is invalid.

    I would have a clear agreement with anyone who is publishing on your account from now on, as what he is requesting doesn't make a lot of sense.
    • [1] reply
    • i did not given any access. it is just that being newbie on wordpress, i am learning and working. My setting was wrong where selected anyone can register and admin was there in option. So it was lack of knowledge and mistake. and after this thing I searched internet and immediately made all these changes.

      I never knew this man and he came from somewhere, registered and published and next day i got a mail that new post is published on your site.

      That guy as per his IP address (180.190.79.107) is from Phillipines, his name is louiedimaano .

      I am learning from mistakes. but also want to know how to handle it.

Next Topics on Trending Feed