Posted 7 months ago #
I've made a site and im using wordpress as a blog for my website and two times now someone has stolen my password and changed my email.... I worked really hard on my theme and put in like 10 straight hours.. I've been using different passwords with strong setting how is this happening????? Nothings been done to my blogs other than the passwords been changed along with my email.. can someone help me out???
I've been hosting the wordpress at portfolio1.site90.net
Which password are they stealing? Your WordPress one or your server one?
Are you SURE?
Read http://codex.wordpress.org/Hardening_WordPress
I would consider using .htaccess to protect my wp-admin and wp-login.php files, as well as administration vover SSL to prevent this. Make SURE you use a secure password. Check your PC for hacks and viruses. Get your server scanned (ask your web host for help).
Scna your site with http://wordpress.org/extend/plugins/wp-security-scan/ or at http://sitecheck.sucuri.net/scanner/
Consider http://wordpress.org/extend/plugins/limit-login-attempts/ to lock out accounts after x-attempts.
If they're not brute-forcing (i.e. trying passwords over and over) then there's a security hole on your server, or in a plugin, and you should get help from your host.
You must log in to post.
