Support » Miscellaneous » “Fake” users/authors
9 years, 9 months ago
Recently a number of people have managed to break into my blog and sign themselves up as authors. So far, I have managed to catch them and delete them before they could do any damage.
I have changed my password, but since I did that I had 3 more such attacks.
Does anyone know anything about this–and how to deal with it?
Do you mean they registered as users (at whatever level is set your blog) or they registered and promoted themselves to the “Author” level/role?
There are reports about some kind of “registering spam” going on…
They somehow got into the dashboard and registered themselves as authors. The first time it happened I figured that they “guessed” my password, so I changed it, but then it has happened at least 3 more times (at least).
What did your host say?
Although, before that, let me ask you this: how many files do you have wild open = chmod 666, for online editing?
Jeebus, I have no clue. I guess I will have to figure out how to figure that out!
I mean did you ever edit your template files with the online Theme Editor?
If the answer is yes, you used the methods described here:
meaning if you changed any file permissions, you need to change them back.