I received an email yesterday stating that over the previous 24 hours many Word Press sites with the username "admin" had been compromised. Not thinking that this could happen to me I only checked it out today. When I went to the network administrator users (https://www.gotogirltix.com.au/wp-admin/network/users.php) there had been another user added. Of course I deleted it straight away.
I then did the following...
- removed the admin user ( from https://www.gotogirltix.com.au/wp-admin/users.php)and (from https://www.gotogirltix.com.au/wp-admin/network/users.php)
- I reset the passwords for my new usernames that I created here to be more difficult
- I set my display name for posts to be different to what my username is for both
However I am still concerned about future hacks... I have tried installing "Better WP Security" plugin however when activating it, it put my website in a re-direct loop and it no longer works.
Is there another plugin I could use or what other steps should I be taking to ensure that nothing else was changed on my site?/Future hacks
Any help is appreciated.