Site security breached?

  • I just wrote & published a post. Within minutes, I visited my stat service & found someone had accessed the published post’s pg. Since my readership is not terribly large, this was a little unusual but not terribly so. What was unusual, in fact scary is the referral URL. It was my blog’s internal pg. for the post in the editor interface.

    Looking over the visitor’s IP address & geographical location I have a pretty good hunch that it’s someone who’s been a comment troll at my site for some time.

    First, I’d like to know if this person somehow has breached my login data to gain access to my site internally. Second, how would they have known within minutes that I published a post? Would it be possible having such internal access that they might’ve have planted some code that would automatically notify them when a new pg. was created? Or can they do this w. software w/o needing internal access?

    If someone can help me interpret what might be happening I’d be grateful. I have the pg. from my stat service which I’d like to share w. someone who can help me figure out more of what might be going on. Send me an e mail at richards1052 at comcast dot net & I’ll share the stuff w. you & be very grateful for yr help.

Viewing 4 replies - 1 through 4 (of 4 total)

  • Did the post you had just published happen to link to another post on your blog?

    :>)

    Thread Starter richards1052

    (@richards1052)

    HandySolo: No, it didn’t. No links to my own blog, only external links.

    Interesting. if something like this happens again, I’d be interested in knowing more details… (handy AT solo-technology.com)

    Keep in mind, it’s very likely that your “troll” is monitoring a feed from your site. If that’s the case, and he’s alert, he’ll know about new posts almost as soon as you do.

    That being said, if truly concerned, immediately change your admin password (and, of course, any other account passwords if they’re at admin level).

    If still concerned, check out your WP install’s directory & file permissions. As a rule of thumb (and be aware that some servers don’t use my thumb!) you want to aim for files at 644 and directories at 755.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Site security breached?’ is closed to new replies.