Need help? Check out our Support site, then


Site Hacked?

  1. I opened up my blog this evening 11/29/12 and found that it was compromised and an ad was places as a post.

    Were you guys hacked? How can you prevent this? As a Director of IT for Bookmans Entertainment Exchange in Tucson, Az., we are considering using wordpress.com as apart of our infrastructure.

    The blog I need help with is timsweet.wordpress.com.

  2. The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

    You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

    Dashboard >> Users

    Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.

    You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)

    There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.

    If you are really concerned you could as the staff to look at your site:

    You could also use a secure log-in in case you are on an unsecured link: http://en.support.wordpress.com/https/

  3. My blog site shelleyelk.worpdress.com was hacked yesterday. I tried 12 times get my password reset, and when I tried to log in with the new password, wordpress.com rejected all my attempts, telling me to use my user name instead, and I tried that and was still unable to log in.
    My blog has been hacked/hijacked and I cannot access it at all.

  4. Deleted blogs and posts cannot be restored. Please consider setting up a new blog.

    If you want to make your blog more secure:
    * Please go to your wordpress.com profile page and update your password.
    * Please use a secure password with letters and numbers and other characters.
    * Please do NOT use the same password that you use for email.
    * Please update all of your email passwords to something more secure.

    Please read this warning from the support site:
    "Warning: Please be very careful when adding a new Administrator user to your blog. Other Administrators are effectively co-owners. They have as much power over your blog as you do, including the ability to permanently delete it, and the power to remove you from your own blog."
    http://support.wordpress.com/adding-users/

    If an Administrator deletes a blog, it is NOT hacking.

    Please only give users the MINIMUM rights needed to write on your blog such as Contributor or Author. If you give other users Administrator rights, then that means they will have full control of the blog and they can delete it without hacking. If you give other users Editor rights, then they can delete any posts from the blog without hacking. Authors can only edit and delete their own posts.
    http://support.wordpress.com/user-roles/

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags