WordPress.org

Forums

[resolved] unauthorized access? (8 posts)

  1. wordpressorguser
    Member
    Posted 8 years ago #

    hello to you! yesterday there was a user online named "alex" although there are only two users: the admin and another named mark. i do not allow registration and comments are also off. so i don't know where this alex comes from. he's even not shown in the userlist. is this an illegal hack?

    i updated from wp 2.0.3 to 2.0.4 two weeks ago using the update-kit. yesterday i changed password, but today in the morning he was online again.

    i am really worried because i feel that my website is not longer secure at all.
    what can i do to find out where wp gets this name from, when it is not in the userlist?
    how can i find out if this person changes something on my website?

    i would be very happy if there'd be a help outside!
    mika: http://www.coggy.de

  2. wordpressorguser
    Member
    Posted 8 years ago #

    ok me myself again. one possible answer: its alex king. somehow he's recognized from the system. (?)

  3. wordpressorguser
    Member
    Posted 8 years ago #

    that would be the most positive solution ;-)

  4. vkaryl
    Member
    Posted 8 years ago #

    It's possible it was a trackback rather than an actual "alex king logged in somehow and left a comment"....

    I don't think the "system" recognizes the devs etc. I could be wrong, frequently am, but it just doesn't seem likely.

  5. wordpressorguser
    Member
    Posted 8 years ago #

    Yes. Maybe I#m too unexperienced with all this. I just wanted to find an answer. Because a user in the list, which is not known to me makes me a little nervous, as far as my site is somehow part of me. So if there is someone else logging in...

    I don't know if I have the name of the user in my statistics if he/she only trackbacks me. Somehwo the inner funtions of wp then must exchange user account names. Maybe they do. I have to keep getting some knowledge on this.

    Thanks a lot for the answer! mika.

  6. wordpressorguser
    Member
    Posted 8 years ago #

    ok. me again. only one thing if somebody is interessted: in my setting trackbacks and pingbacks are and were off.

  7. wordpressorguser
    Member
    Posted 8 years ago #

    doesn't anbody got similar experiences?

  8. wordpressorguser
    Member
    Posted 8 years ago #

    ok. problem resolved. i#m a little sorry for the nervous asking, but i was really in fear, someone is manipulating my site. the solution is: my stat-plugin has defined arrays for visitors with static ip-adresses. so a some for google etc. and there is also an array for:

    'Alex' => 'ia_archiver'

    I think that`s a little too personal for a bot. And inside the stat-plugin the search engines and bots should not be listed in the wp-users list.-

    But first of all: excuse my excitement. thats a personal probem ;-) mika.

Topic Closed

This topic has been closed to new replies.

About this Topic