“Fake” users/authors

  • Recently a number of people have managed to break into my blog and sign themselves up as authors. So far, I have managed to catch them and delete them before they could do any damage.

    I have changed my password, but since I did that I had 3 more such attacks.

    Does anyone know anything about this–and how to deal with it?

    thanks

Viewing 5 replies - 1 through 5 (of 5 total)

  • Do you mean they registered as users (at whatever level is set your blog) or they registered and promoted themselves to the “Author” level/role?

    There are reports about some kind of “registering spam” going on…

    Thread Starter stellarlogic

    (@stellarlogic)

    They somehow got into the dashboard and registered themselves as authors. The first time it happened I figured that they “guessed” my password, so I changed it, but then it has happened at least 3 more times (at least).

    What did your host say?
    Although, before that, let me ask you this: how many files do you have wild open = chmod 666, for online editing?

    Thread Starter stellarlogic

    (@stellarlogic)

    Jeebus, I have no clue. I guess I will have to figure out how to figure that out!

    I mean did you ever edit your template files with the online Theme Editor?

    If the answer is yes, you used the methods described here:
    https://codex.www.ads-software.com/Changing_File_Permissions
    meaning if you changed any file permissions, you need to change them back.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘“Fake” users/authors’ is closed to new replies.

Tags