Forums

WordPress › Support » How-To and Troubleshooting

[resolved] Security question (13 posts)

  1. igwebs
    Member
    Posted 1 year ago #

    Someone is publishing posts on my blog as "admin". They have been doing this for a while now and I have been deleting the posts as they are garbage but I like to put a stop to it. So far, I have not been able to figure out how they're doing it. Has anyone else run into something like this or know how this could be done? Here's a link to the blog and the posts' title is always "what did I do on xx/xx/xx" http://www.sowhatdidyouthink.net/swdidytblog . If you don't see one now give it a little time and you will.
    Thanks in advance for your help.

  2. Ipstenu
    Half-Elf Support Rogue & Mod
    Posted 1 year ago #

    http://codex.wordpress.org/FAQ_My_site_was_hacked

  3. igwebs
    Member
    Posted 1 year ago #

    Thank you. That was very helpful. He was coming through Twitter Tools plugin and I cleared him out on the settings page.

  4. Ipstenu
    Half-Elf Support Rogue & Mod
    Posted 1 year ago #

    Eeek! THIS Twitter Tools!?

    http://wordpress.org/extend/plugins/twitter-tools/

    How did that happen?

  5. igwebs
    Member
    Posted 1 year ago #

    No sure. He was using it and bit.ly, not sure how he got in but I changed the Authentication Unique Keys along with the password and anything else I could change. So far that seems to have stopped him. He was just using the site to create back links.

  6. Ipstenu
    Half-Elf Support Rogue & Mod
    Posted 1 year ago #

    Twitter password too, I hope.

    Ugh. I wonder if it's related to Twitter's recent changes.

  7. igwebs
    Member
    Posted 1 year ago #

    No, I don't think so. His links used bit.ly but didn't do them right so the link goes to a 404 page. But it did post to my blog which bugged me a lot!

  8. Alex King
    Member
    Posted 1 year ago #

    Please be very careful with statements like this:

    He was coming through Twitter Tools plugin

    From your description this sounds incorrect, and it is potentially damaging and unnecessary FUD.

  9. igwebs
    Member
    Posted 1 year ago #

    OK, how would you say it?

  10. Ipstenu
    Half-Elf Support Rogue & Mod
    Posted 1 year ago #

    Alex's point was why I was (a) hella shocked and (b) wondering how the guy got in.

    The guy got in via twitter (Twitter Tools only pulls in from YOUR twitter stream, right?)

    I cleared him out on the settings page.

    Can you elaborate what you mean here.

  11. igwebs
    Member
    Posted 1 year ago #

    Ok, I'll try and remember. On the Twitter Tools setting page, the experimental section was filled in with his stuff. Then on the bit.ly section he had "admin" for a user name. I believe that is all that was there that I had not put in. I hope that helps.

  12. Alex King
    Member
    Posted 1 year ago #

    Based on the information you have provided, it sounds most likely this person had/has access to your WordPress admin.

  13. igwebs
    Member
    Posted 1 year ago #

    That's possible. Anything is possible!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags