Could My Website Have Been Hacked
Recently, I wanted to login to my website http://jointventureseekervideos.com/ through the site manager at https://my.wealthyaffiliate.com/websites but discovered that I could not login with the new user/administrator I created immediately I created this site and have been in use ever since.
I could only login with the default admin as administrator
I also realized there were 114 different administrators for my wordpress blog site instead of the expected two users, the default user, the admin-administrator and the 2nd-user-administrator I created.
Since I was not too sure of what was happening, I quickly went through some training at WA to refresh my memory on what to do.
I ended up reading through https://my.wealthyaffiliate.com/training/how-to-create-a-new-user-in-wordpress once again and https://my.wealthyaffiliate.com/labman/blog/why-should-you-create-a-new-wordpress-user for the first time.
I deleted all the users/administrators leaving only the original two users.
since I could no longer login with the 2nd user, I just reset its password on the Site Manager. Then login with my 2nd user, and on my wp dashboard used the Quick Edit to change the Admin-User to Admin-Subscriber.
This leaves me with only the 2nd user as the only administrator and I hopefully believe my website is now less prone to attack.
Any comment to enlighten further shall be appreciated
Samuel
Recent Comments
5
Hi Samuel,
Sound really strange???
My advice would be to submit a support ticket under site rubix, site support and ask the question, Support should be able to explain what has happened.
Good luck mate,
Hi Srallgood,
I've done that already.
They are trying to unravel the mystery.
I have been asked some questions to help them arrive at a reasonable conclusion.
I hope they'll get to the bottom of the mystery so that some viscious hackers don't poke their nose here successfully.
Samuel
Hi MINDwell,
It's strange to me also. I want to be sure I was not hacked.
I took a snapshot of the 1st page of those user names/administrators and also my wp admin dashboard but don't know how to upload it to my blog for proof yet
See more comments
Problem solved at last by support.
I must have mistakenly clicked the box for anyone can register as the administrator in the wp settings. That was the findings of the support.
Although this is strange. I don't remember ever doing that since that would have put my website at risk.
This was discovered and abused by a person who messed up my login made it impossible for me to login with my 2nd user as administrator and probably used an automated system to register 112 times.