wordfence and wordpress default users

  • Anthyx

    (@anthyx)


    10 years, 10 months ago

    Hi,

    today WF sent me a message informing me that someone from China tried to access my site using the ‘admin’ username and was blocked after 20 attempts.

    So, I checked the active users on my site. I found these:

    admin
    admin26
    admin32
    administrator
    root
    uxapp*****

    all with administrator privileges.

    Please keep in mind I just use ‘uxapp*****’ and I’ve NOT created any other user.

    SO, is it a problem? Should I delete all the other users apart from ‘uxapp*****’? If so, is it enough?

    Many thanks in advance.

    Antonio

    https://wordpress.org/plugins/wordfence/

Viewing 3 replies - 1 through 3 (of 3 total)
  • WFSupport

    (@wfsupport)

    10 years, 10 months ago

    I’d say it is a big problem. Remove any but yourself. You might leave one, but change the password to something long (64 characters) and random and then attribute the deleted posts from each one to it so you can filter the posts page to see what they have posted and remove them. Then delete it. Follow this guide as well, paying particular attention to the section about removing all unused plugins and themes and updating core, themes, and plugins you plan to keep.
    http://docs.wordfence.com/en/My_site_was_hacked._How_do_I_use_Wordfence_to_clean_it%3F

    tim

    Thread Starter Anthyx

    (@anthyx)

    10 years, 10 months ago

    Hi,

    ok I’ve deleted all the user accounts except mine.

    I’ve compared old core / theme / plugin files with the originals: no problems.

    I’ve completed a complete scan: no problems found.

    It seems that my site is not in google blacklist.

    Please tell me everything is fine and I’m defended by wordfence from now on!

    Any other security check / suggestion is much appreciated, of course.

    Thanks a lota.

    Ciao

    Antonio

    WFSupport

    (@wfsupport)

    10 years, 10 months ago

    Email me your options page and reference this post url. Include your forum username also. wftest [at] wordfence.com I’ll check if you missed anything.

    tim

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘wordfence and wordpress default users’ is closed to new replies.