On several occasions I have found myself logged in when I start my blog. And I’m 100 percent certain that I logged out the day before. I wrote support that answered that they have no way of checking who logs in or out. I changed my password. I use https.
I find little strange errors on my blog. English translation out of order. My feed out of order. Posts with information in percent suddenly shows miscalculated percentages. Even though it was copy/pasted. I don’t falsify quotes. So how did that happen?
What is going on? What should I do?
I’m really, really alarmed…
The blog I need help with is universalgeni.wordpress.com.
What is that API key for? I never use it. Should I request a new one?
Hi universalgeni :)
I don’t think this is a question for Volunteers to answer so I am recommending that you
please contact Staff directly > http://en.support.wordpress.com/contact/
I did. They answered that they could not help. Staff have no way of checking who logged in, they wrote.
What is that API key for? Can it be used for login?
The API key information is here > http://en.support.wordpress.com/api-keys/
It’s highly unlikely that a Volunteer will have an answer to your question.
If suspected my blog had experienced and intrusion and Staff said it was not them who entered my blog then I would immediately change my password. > http://en.support.wordpress.com/passwords/
Sorry :( I cannot be more helpful.
I have changed that password. Several times. I have also read that article about API key. It says that API key is like a password. It does not say if the key can be used as a such.
The API key is currently used by those with wordpress.ORG installs and who use Akismet and/or wordpress stats. This is all I know.
We all have those stats? I don’t get it, I must confess…
And why would they write that the API key is like a password if it isn’t?
Only in the same sense that you should protect your API key like a password. Nothing more, I believe.
If you suspect that certain Posts or Pages are being altered, you could look at the Post/Page revisions and see if something has recently changed.
If you are certain that you log out every time, make sure you delete your cookies as well.
Another thing you might want to do, besides changing your password, is run a malware check on your blog to see if there’s something on your computer that shouldn’t be. I use Malwarebytes.
SIGH … the wordpress stats we have here on our free hosted blogs is made available to wordpreess.ORG users in the forum of a plugin.
MBAM has been run. Thanks folks. If you can think of more ideas, please don’t hesitate to write in this thread.
My apologies; that should have read “…is run a malware check on your computer to see if there’s something there that shouldn’t be.”
I do not have WordPress cookies in CCleaners “Cookies to keep” section. But when I run it, I’m not logged out. And that is wrong. When all cookies are deleted, I should be logged out of WordPress instantly.
Is there a security bug involved here? Is this related to Google Gears and the https option? Is Google Gears holding that login cookie?
Alternatively I should be logged out when I turn of or reboot my PC. That is also not happening.
I don’t believe Gears is supported any longer on WordPress.com, but I’m not in a position to answer your other questions. Sorry.
By the way, is it *only* WordPress.com where you are still logged in after logging out or is it other sites as well? What browser are you using?
IE8. I haven’t encountered login/logout problems elsewhere. According to WordPress Support Google Gears is needed for full use of https: http://en.blog.wordpress.com/2008/07/02/gears/
The topic ‘Serious problem’ is closed to new replies.