Title: WordPress unknown admin users. Last modified: August 30, 2016 --- # WordPress unknown admin users. * [Anthyx](https://wordpress.org/support/users/anthyx/) * (@anthyx) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/) * Hi, * I’ve just checked for active users for my wp site. Keep in mind than I’m the only user and I usually login with the account name “uxapp*****”. * The users currently acrive are these, all with administrator privileges: * admin admin26 admin32 administrator root uxapp***** * Do you think this is correct? Is it possible tha my site has been hacked and these users are not default users but created “ad hoc”? * I have currently installed Wordfence to protect my site: it informed me today that this night it has blocked many login attempts from China. * Thanks a lot for your help. * A. Viewing 7 replies - 1 through 7 (of 7 total) * [Kailash](https://wordpress.org/support/users/kailash1/) * (@kailash1) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314836) * Yes, it is possible that your WordPress installation is hacked. There could be many reasons as follow: * – Your FTP is compromised and someone uploaded script which can allow to create Admin user remotely (it is possible) – If your WordPress was hacked in the past, it is possible that it wasn’t cleaned properly. – There is a security issue with their party themes/plugins – Even if you have deactivated unwanted plugins, they may cause security issue * Thread Starter [Anthyx](https://wordpress.org/support/users/anthyx/) * (@anthyx) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314837) * Hi Kai, * a few months ago, after I suspected to be attacked, I installed the wordfence plugin. I’ve used it to clean my site from possible malign code etc. Do you think this is enough and the users are just left-overs from the attack? What can you suggest me to fix this? * Thanks a lot. * A. * [Kailash](https://wordpress.org/support/users/kailash1/) * (@kailash1) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314848) * I suggest you to scan your entire account using ClamAV or maldet (if you are on Linux server). If you do not have access and you are on shared hosting, you may need to request to your host to scan your entire account. * Thread Starter [Anthyx](https://wordpress.org/support/users/anthyx/) * (@anthyx) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314959) * Ok, I’ve checked with the service provider and it seems that the account is checked for virus / malware every day. * Now, I have these users: * admin admin26 admin32 administrator root * I’ve not created (I use just “uxapp*****”), can I just delete them? * [MBWD](https://wordpress.org/support/users/mbwd/) * (@mbwd) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314966) * Yes, you can delete them. And I would change your password again to be safe. * Thread Starter [Anthyx](https://wordpress.org/support/users/anthyx/) * (@anthyx) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314968) * Ok, I just did it. * Many thanks for youe help! * A. * [MBWD](https://wordpress.org/support/users/mbwd/) * (@mbwd) * [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314969) * Wordfence allows you to block anyone who tries to sign in with a username that doesn’t exist. I highly recommend that you enable that feature. Also, read this article and put it into practice so this never happens to you again: [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress) Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘WordPress unknown admin users.’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 7 replies * 3 participants * Last reply from: [MBWD](https://wordpress.org/support/users/mbwd/) * Last activity: [10 years, 10 months ago](https://wordpress.org/support/topic/wordpress-unknown-admin-users/#post-6314969) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics