Hacked: Admin Login by Someone Else | WordPress.org

ubound
(@ubound)

9 years, 6 months ago

Hello,

Wordfence plugin notified me about admin login from a user I didn’t create from a different location. Fortunately, I noticed Wordfence email only after one hour after they logged in. Here is what happened next:

1. My site behaved as usual.

2. They deleted Wordfence plugin so that I don’t realize their further steps.

3. Strangely enough, their new admin username wasn’t listed in my USERS in my WP dashboard, but I found it via PHPMyAdmin database and deleted it.

4. I changed my admin password.

5. Wordfence scan only detected a change in two readme.txt files for two different plugins. I guess you can’t be hacked via a readme.txt file, can you?

6. No other abnormalities were detected.

So my question is: What else do I have to do now? How do I figure out how they got in in the first place and how do I protect site in the future?

Thanks!

Viewing 1 replies (of 1 total)

Moderator Steven Stern (sterndata)
(@sterndata)

Volunteer Forum Moderator

9 years, 6 months ago

The developers and users of this theme/plugin would be the best people to ask. You can reach them here:

https://wordpress.org/support/plugin/wordfence/

Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

Viewing 1 replies (of 1 total)

The topic ‘Hacked: Admin Login by Someone Else’ is closed to new replies.

Tags

hacked

In: Fixing WordPress
1 reply
2 participants
Last reply from: Steven Stern (sterndata)
Last activity: 9 years, 6 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics