WordPress.com Forums » Tag: hacked - Recent Posts

timethief on "Hacked Page"

timethief — Wed, 22 May 2013 17:24:13 +0000

All of your Admins? Only one Admin per blog is recommended. http://en.support.wordpress.com/user-roles/#administrator

What is the URL of the blog in question starting with http:// ?

Who, aside from you, has access to your login information?

Go to your email program and change the password to a very difficult one because that's how many hackers gain access to blogs

1. If you can log-in go here > Users > All Users and delete any user that does not belong there.

2. Disable post by email > http://en.support.wordpress.com/post-by-email/

3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/

4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password

5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.

6. Set up two step authentication http://en.support.wordpress.com/security/two-step-authentication/

Then read this please knowing that blogs don't get hacked when security protocols are followed. > http://en.support.wordpress.com/security/

robmangelson on "Hacked Page"

robmangelson — Wed, 22 May 2013 17:20:25 +0000

Our blog sites have been compromised. All of the administrators have been removed from access. Please help!

nickilodeon on "Re-access old blog"

nickilodeon — Wed, 15 May 2013 13:39:56 +0000

If it will be of any assistance, the blog in question is http://nikkialberto.wordpress.com

supportbot on "Re-access old blog"

supportbot — Wed, 15 May 2013 13:38:32 +0000

You did not specify a blog address or reason for posting when you created this topic.

This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you'll find help at the WordPress.org forums.

If you don't understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

If you forgot to include a link to your blog, you can reply and include it below. It'll help people to answer your question.

This is an automated message.

nickilodeon on "Re-access old blog"

nickilodeon — Wed, 15 May 2013 13:38:31 +0000

Before you say that this has been asked time and time again, do know that I did read everything there is to know on how to deal with this, but I think my case is quite peculiar.

I made a blog (WordPress.com, naturally ) in June 2011 and completely forgot about it. I recently visited it as I think I've been hacked because what was originally a draft has been published. I've been trying to access it using my email addresses but to no avail. Also, interestingly, according to WordPress, said username no longer exists BUT when I google it, or when I type it on my URL, I am able to read it.

I've asked WordPress for help on this one twice but as I am unable to retrieve more supporting evidence that the blog in question is indeed, mine, I think my call for help fell into deaf ears. :(

In summation, if you've been in this situation, or have any idea how to fix this, please share your knowledge. And if you must teach any moves on hacking, do explain it in simple terms as I am quite illiterate when it comes to codes, strings and whatnot.

Thank you very much and I hope that those who have similar problems will be able to get answers.

unnecessarywisdom on "Worried About Possible Hack"

unnecessarywisdom — Wed, 08 May 2013 08:16:40 +0000

I believe you. I trust that you know much more about this than I do.

Thanks again for your very prompt response. Have a wonderful day :)

tandava108 on "Worried About Possible Hack"

tandava108 — Wed, 08 May 2013 08:02:59 +0000

That is the login page from the router. I don't know about Cisco but some keep the same URL for the admin functions.

unnecessarywisdom on "Worried About Possible Hack"

unnecessarywisdom — Wed, 08 May 2013 07:55:52 +0000

Okay. I was worried about the "login" portion of the link since it was definitely not me. I have not been logging in from anywhere but my own devices.

Thank you!

tandava108 on "Worried About Possible Hack"

tandava108 — Wed, 08 May 2013 07:51:32 +0000

I doubt it was a hack. More than likely the router is in some company and someone is looking at the access logs and clicking links to see what employees had been viewing in work time!

unnecessarywisdom on "Worried About Possible Hack"

unnecessarywisdom — Wed, 08 May 2013 07:47:53 +0000

I just saw a referral to my blog that looks like this:

192.168.33.1/login.asp?unnecessarywisdom...

I researched the IP and it is the generic address for a Cisco router. I don't own a Cisco router. I was also logged in all night. Any idea why this link would have shown up as a referral to my blog?

Thank you.

auxclass on "Hacked - Please help. Wedding Website worried about spam"

auxclass — Thu, 25 Apr 2013 22:04:31 +0000

you be welcome

joedelgado2013 on "Hacked - Please help. Wedding Website worried about spam"

joedelgado2013 — Thu, 25 Apr 2013 22:02:11 +0000

Thanks! Sorry, didn't realize that given the web designer set up all the accounts. Thanks for the help!

auxclass on "Hacked - Please help. Wedding Website worried about spam"

auxclass — Thu, 25 Apr 2013 21:29:11 +0000

The site you are asking about does not seem to be hosted on WordPress.COM so you need to make friends over at WordPress.ORG the keepers of the software you are using.

You will need to open a new account at .ORG if you don't have one - it is not connected with the forum here.

http://en.forums.wordpress.com/topic/7-things-to-know-before-posting-in-wordpresscom-forums?replies=1

This site is for support of sites hosted on WordPress.COM. You should address your questions to WordPress.ORG the keepers of the software you are using: http://wordpress.org/support/

For more on the difference: http://support.wordpress.com/com-vs-org/

joedelgado2013 on "Hacked - Please help. Wedding Website worried about spam"

joedelgado2013 — Thu, 25 Apr 2013 21:14:27 +0000

Hello,

My wedding website is http://www.allyandjoewedding.com and was registered by our webdesigner Jack Cosentino. He provided me access to the website a couple months ago so I could see how everything worked and add in some other features I wanted.

Unfortunately it looks like we're now hacked and I cannot log-in to reset the password. Additionally, Jack said that the "reset my password" e-mails are not coming to him, so he cannot reset them either.

Can you please help? Our wedding is in 2 months, and I'm worried that our website will be irreperably harmed / taken down.

Thanks!
Joe

thistimethisspace on "My blog has been hijacked (NOT)"

thistimethisspace — Sun, 14 Apr 2013 22:46:05 +0000

@horsewelfarenews
Please excuse me for interjecting.
it's a very good time for WordPress.COM bloggers to consult what's at the following links and act on it.
http://en.support.wordpress.com/security/
http://en.blog.wordpress.com/2013/04/05/two-step-authentication/
http://onecoolsitebloggingtips.com/2012/07/22/how-to-prevent-and-react-to-a-wordpress-hack-attack/

byeinternet on "My blog has been hijacked (NOT)"

byeinternet — Sun, 14 Apr 2013 22:41:45 +0000

Hi Kathryn, I think the problem has been resolved by WP already, they must have caught whatever it was quickly. My site works normally again now. Thank you for your help.

kathrynwp on "My blog has been hijacked (NOT)"

kathrynwp — Sun, 14 Apr 2013 21:23:24 +0000

horsewelfarenews - could you please start a new thread to describe your issue in detail, and add the word modlook in the Tags section in the right column so Staff will respond. Thanks.

byeinternet on "My blog has been hijacked (NOT)"

byeinternet — Sun, 14 Apr 2013 18:11:37 +0000

Hi, I have what appears to be a hijacking or hacking problem which popped up last night. My email address was hacked and I think I resolved that problem, but my site looks different, it contains Chinese symbols, and when I click onto "my stats" it gives me a redirect what may be the hacker. My URL is http://horsewelfarenews.wordpress.com.
The fake certificate that seems to have intercepted my site is http://gp1.wac.edgecastcdn.et. If anyone at WP is able to look into this, I'd be grateful. I think I've resolved the email hacking problem but my site appears to have been hijacked by this URL. Thank you.

auxclass on "My blog has been hijacked (NOT)"

auxclass — Sun, 14 Apr 2013 16:23:06 +0000

You have a WordPress.ORG install - you need to make friends at WordPress.ORG - the software works differently for you than here (note above some of the advice we gave you above that are not options on your blog)

http://wordpress.org/support/

If you don't have an account there you will need to open a new account - .ORG & .COM are related but not the same -

lisak1259 on "My blog has been hijacked (NOT)"

lisak1259 — Sun, 14 Apr 2013 15:58:19 +0000

It is http://s171050870.onlinehome.us
Thanks. Lisa

auxclass on "My blog has been hijacked (NOT)"

auxclass — Sun, 14 Apr 2013 15:16:36 +0000

You are probably in the wrong forum given some of your recent answers above - and have a WordPress.ORG install

What is the URL of the blog you are having trouble with? We need that to help us give you accurate help

For more on the difference: http://support.wordpress.com/com-vs-org/

lisak1259 on "My blog has been hijacked (NOT)"

lisak1259 — Sun, 14 Apr 2013 14:04:40 +0000

There were 2 new people this morning with comments. This is how it starts. There really is nothing for privacy and stopping email access.

raincoaster on "My blog has been hijacked (NOT)"

raincoaster — Sun, 14 Apr 2013 05:12:57 +0000

You can set Privacy under Settings->Reading.

lisak1259 on "My blog has been hijacked (NOT)"

lisak1259 — Sun, 14 Apr 2013 05:07:05 +0000

Deleted all users. Over 200. But did not find where I could disable the email posting or set privacy. Saw where these settings should have been but not part of the choices. Anyway, thank you for your help.
Lisa

raincoaster on "My blog has been hijacked (NOT)"

raincoaster — Sun, 14 Apr 2013 04:46:55 +0000

If you are on the dashboard, then the name of the blog appears on the top left and the admin bar. Click on it to view the blog.

auxclass on "My blog has been hijacked (NOT)"

auxclass — Sun, 14 Apr 2013 04:09:42 +0000

Also go to Dashboard >> Users >> Al Users >> Delete all users EXCEPT YOURSELF - that should get thing back under control

Then go to Dashboard >> My Blogs >> Disable Post by Email if it is enabled

You can also set it to Private to keep anyone from even commenting on your blog Dashboard >> Settings >> Reading >> I would like my site to be private, visible only to users I choose

Then save changes - at the bottom of the page

lisak1259 on "My blog has been hijacked (NOT)"

lisak1259 — Sun, 14 Apr 2013 04:00:09 +0000

That is not mine, but I did change the password and was able to get on the dashboard. How can I find out what the url is? I am getting to it through one of the emails. Thank you for your help.
Lisa

raincoaster on "My blog has been hijacked (NOT)"

raincoaster — Sun, 14 Apr 2013 03:31:47 +0000

http://happythoughts.wordpress.com/ was registered in 2006 and has one post. happythoughtsbylisak.wordpress.com has never existed.

raincoaster on "My blog has been hijacked (NOT)"

raincoaster — Sun, 14 Apr 2013 03:12:27 +0000

People can't register themselves as users on WordPress.com blogs, that's why I ask. If you paste the email notice here then staff should be able to ttrack it down and might be able to return it to you, although if you only posted things twice I don't know why it would bother you. If the emails are coming to your email account, then clearly that is the email associated with the blog and Forgot My Password will work.

lisak1259 on "My blog has been hijacked (NOT)"

lisak1259 — Sun, 14 Apr 2013 03:01:14 +0000

I started the blog in June of 2008. And I started getting emails about the blog in October 2012. I think I posted something only 2 times and I forgot about it until I started getting emails about people registering on the blog late last year.