My blog was hacked
-
My blog was hacked, and a very upsetting post was placed in my blog. In addition to setting up 2-step verification, how can I prevent this from happening again? Is it possible to find out who hacked the blog? I would take this information to the police station, as it was very upsetting.
The blog I need help with is: (visible only to logged in users)
-
Go to your email program and change the password to a very difficult one because that’s how many hackers gain access to blogs.
Then read this please and act on what you find there > http://en.support.wordpress.com/security/
If you can log-in
1. Go here > Users > All Users and delete any user that does not belong there.2. Disable post by email > http://en.support.wordpress.com/post-by-email/
3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/
4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password If you reset your password, it will also work on mobile devices. If you have two-factor enabled, you will need to create a new application-specific password: http://en.support.wordpress.com/security/two-step-authentication/#application-specific-passwords
5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
I tagged this thread for a Staff follow-up. Please subscribe to it so you are notified when they respond.
-
NOTE: Based on my 8 years of answering questions here, if any person or any bot is posting anything to your blog then you have provided them with the ability to do so, either deliberately by adding them as official users, or by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
You may want to ask yourself these questions and act on any answers that pop up:
Who has access to your login information?
Did you use the same password for your email account and your blog and for any other accounts?
Are you sharing log-in information with anyone else or leaving it where anyone can locate it?
Is your password a weak one that others can easily guess?
Are you remaining logged in on your computer so anyone can come along and access your blog through it? -
-
my account is hack i guess .. because in my account under user option i found a new user with role subscriber… i was shocked how did it happened?
-
@piyushjeena1992 Are you referring to a WordPress.com hosted site? because I only see a self-hosted WordPress.org site linked to your account.
To clear up any confusion, WordPress.com and WordPress.org are two different entities.
http://support.wordpress.com/com-vs-org/WordPress.org has complete support and documentation sites for self-hosted/installed versions of WordPress at: http://wordpress.org/support/
Either way, it doesn’t hurt to change your password: https://codex.wordpress.org/Resetting_Your_Password
- The topic ‘My blog was hacked’ is closed to new replies.