I'm sorry but my WP site is being hacked.
I've been through a multitude of 'fixes', most of which, to my mind, I should not have to do.
The measures that I read about to stop this, range from reasonably simple to ridiculously complicated.
I just want to use a simple CMS for my site. I don't want to delve into code / add, remove, modify files / folders.
Now I know hacking has been written about in numerous posts (so don't point me to any more - I've probably read them all) but really?? Is the aim of WordPress to have every casual user jump through these hoops to achieve web site security?
I have a closed user base where accounts can only be created by one admin account.
Somehow, spam accounts are being created. I have no idea how and, to be honest, I don't feel I should have to, in such a renowned & established CM system.
I know it's free. I know it's coded / supported by volunteers but, if the WP home page had a 'cons' list (you may need to do X Y Z to eliminate spam) then I could have made a more considered choice.
I'm sure many potential users would (or have) given up long before me.
I'm doing nothing with WP that PHPBB or Drupal seem to do trouble free.
I'm sorry for the rant but I'm so fed up with the things I'm having to do (as well as the constant internet goose chases) to try and find solutions to problems I don't feel should be there.
My WP install is (and always has been current, my HT access OK, my plugins are up to date. I've changed DB prefix, passwords, usernames etc etc etc etc etc.
Last resort? Full wipe / reinstall? Nope; only the first then move to Drupal