How can i prevent admin creation outside wordpress” ?

Hi @benfellah1992, thanks for reaching out.

Firstly, is this a username you recognize that may have been created through another plugin, or user management product and is being reported wrongly or is it an admin that shouldn’t exist at all? The name ‘bqiadmin’ hasn’t flagged up as one common to a specific plugin. If you know that you’ve created the admin it’s perfectly safe to “Ignore” the scan warnings.

If the user shouldn’t be there, I would recommend deleting it and turning on 2 Factor Authentication to be enforced for admin users. If you’re the only admin, set yours up and don’t turn on a grace period for other users.

Update your passwords on your hosting control panel, FTP, all WordPress admin users, and database to try eliminating a possible attack vector that was open for somebody to log in and create this user.

Just to be safe, I would ask your host if they see any admin accounts, outside of yours that can access FTP or the database on your site.

Thanks,

Peter.

Hello

– How can check which plugin created this new admin. (i dont use membership plugin or user management product, i’m the only admin and user).

@wfpeter

How can i make wordfence to send me a notification of new admins ?

Hi @benfellah1992,

If you don’t recognize the admin, then delete the user from your WordPress > Users list and make sure to follow the instructions to change passwords to very strong ones for your hosting control panel, FTP, all WordPress admin users, and database, then enable 2FA for your admin account.

Your best option if Scan for suspicious admin users created outside of WordPress is already turned on in Wordfence > All Options (therefore notifying you when there’s a scan result that needs your attention) is to turn on Wordfence > All Options > Email Alert Preferences > Alert me when someone with administrator access signs in. Then you’ll know if somebody other than you is signing in.

Thanks again,

Peter.