• Resolved Tanmay Kumar Das

    (@tanmay-kumar-das)


    Hi there

    I noticed that hacker managed to login to my site brute force attack and managed to change admin password.

    Is there any way you could find how they have done it?

    I am using Site Security for Unlimited website

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support SergeM

    (@serge00)

    Hello, @tanmay-kumar-das.

    Your Security Log should contain the details:
    https://cleantalk.org/help/security-log

    Also, other third-party apps can be flawed as well. I recommend keeping all plugins and apps up to date as long as possible. Our update guide is here if you need it:
    https://cleantalk.org/help/update-wordpress-security

    Did it help you?

    Thread Starter Tanmay Kumar Das

    (@tanmay-kumar-das)

    Thanks for your reply @serge00

    I can see the trace of brute force attack

    Hacker tried several times and got succeed

    Would this be a third-party plugin issue or lack of brute force security loophole?

    Is there anyway we could start a private discussion so that I can get a good customer support?

    Plugin Support SergeM

    (@serge00)

    There’s a setting “Maximum authorization tries” for the option “Brute Force Protection” (Tooltip: If someone fails X authorizations in a row within Y minutes they will be blocked for Z minutes)

    By default the value equals 5, that means the attacker had a rather precise pool of tries. Browser extensions and shared cross-platform accounts might lead to a hacked website too. Please, check if it’s not the case.

    And yes, of course, create a private ticket here:
    https://cleantalk.org/my/support/open

    Thread Starter Tanmay Kumar Das

    (@tanmay-kumar-das)

    Ok thanks @serge00
    I will start the discussion on Cleantalk website

    Plugin Support SergeM

    (@serge00)

    No problem. Let’s continue in the private ticket.

    Plugin Support SergeM

    (@serge00)

    We haven’t received your reply in a few days, so I’m going to mark this topic as “resolved”.
    If you have any further questions, you can start a new topic anytime.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Site got hacked’ is closed to new replies.