An admin user with the username admin was created outside of WordPress.

  • Resolved cgl102770

    (@cgl102770)


    4 years, 9 months ago

    Wordfence emailed me with the message: “An admin user with the username admin was created outside of WordPress.”

    I logged in, deleted the ‘admin’ user, added a new username and password for myself and deleted my old username. I deleted any unneeded plugins, and changed the login address.

    I know some of the above changes may not matter since they logged in outside of WordPress though thought it wouldn’t hurt. I also backed up the site (though if it’s hacked I guess the backup may be hacked as well).

    I’m not sure what else I should do. I’m using the free version of Wordfence so not sure if upgrading would help at this point. Also, I deleted the hacked username before trying to see if I could get any ip information or anything else on it unfortunately.

    So, any advice is greatly appreciated. Currently the site looks the same though I want to make sure I’ve done everything I can to protect it.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hey @cgl102770,

    Can you please share your URL?

    It sounds like you have taken the appropriate measures. I would also suggest using Two-Factor, it’s hard to say if it would’ve helped with this, but it’s one of the most important security features you can enable.

    When you run a scan are you seeing any other oddities in the results?

    Thanks,

    Gerroald

    Hey @cgl102770,

    We haven’t heard back from you in a while, so I’ve gone ahead and marked this thread as resolved.

    Please feel free to open another thread if you still have any questions.
    Thanks,

    Gerroald

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘An admin user with the username admin was created outside of WordPress.’ is closed to new replies.