login breached

  • Resolved jronna

    (@jronna)


    9 months, 4 weeks ago

    Someone was able to login with my username, and I am an admin. They are in Bangladesh. I changed my password and blocked the IP address but I am guessing the damage is done and the bad guys have gotten into the backend. I am not sure what to do. Any suggestions?

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • Run a full scan with Wordfence, also check under Users section in case they added themselves.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @jronna,

    Russell is correct, it’s certainly worth running a full scan to ensure files or malicious code haven’t been inserted into your site and check for any users (especially with administrative access) that you did not add or recognize.

    Secondly, we do provide 2FA and reCAPTCHA through our Wordfence > Login Security module. One or both of these, with 2FA set to “Required” for administrators greatly reduces the possibility of a malicious source gaining access even if your password becomes known. Make sure to set a grace period if there are other administrators on your site that need time to comply with the changes: https://www.wordfence.com/help/login-security/#two-factor-authentication-options

    As a rule, any time I think someone’s site has been compromised I also tell them to update their passwords for their hosting control panel, FTP,  WordPress admin users, and database. Make sure to do this.

    Thanks,
    Peter.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘login breached’ is closed to new replies.