Blogs security issue
-
My blogs are hosted on WordPress and I’m frequently getting blogs deletion issue.
I’m using a strong password and also I have turned on 2-Step Verification for login.
I am unable to find the exact problem. Please help. Thank you!The blog I need help with is: (visible only to logged in users)
-
Hi there, can you explain please what you mean by blogs deletion issue?
Are you the person who registered the site blogs.walkingtree.in and are you receiving notices that another user on your site is trying to delete it?
-
Jennifer
Thank you for your response!We are not receiving any warning. In last two weeks, we have noticed that at least 4-of our blogs have been permanently deleted from our blog page.
We are not able to understand who has deleted these blogs. Or how these blogs are getting deleted. This is scary and I have removed all the contributors as the precautionary measure.
Kind Regards
Alok -
Hi there,
Do you mean blog posts? I don’t see any evidence of entire blogs/sites being deleted from your account.
On your site, http://wtcindia.wordpress.com/, a large amount of content was deleted 3 weeks ago by the username, ratan14. It looks like you had made this user an administrator on your site 8 months ago, so you should be thankful they only deleted posts and not the entire site.
If a user you add to your site deletes content there is nothing we can do about it, as you gave them the ability to delete that content. There is no way to recover the deleted posts as they also deleted the trash folder.
Keep in mind that 2-step verification on your account means nothing if your site has 10 other admins (it looks like you in fact had more than that) who don’t use it. Any admin has the ability to delete any content on the site, or even to delete the site itself, and if any one of them get hacked the person who accessed their account will be able to do the same.
-
Yes, you are correct. I was talking about the blog posts.
We had 4-administrators and I am not sure if Ratan14 had administrator role or not. Can contributors also delete a post?
Is there a way to recover the deleted blog posts?
-
@wtcindia – You might be able to find the content of the deleted posts from either Google’s cache or the Internet Wayback Machine on the Internet Archive.
If you are the site owner (the person who registered the site here) and even if you removed all the current Contributors, I’d also suggest immediately changing everyone else’s user role to one of the other user roles mentioned on this page and no one above Author unless absolutely necessary. Editors can also delete posts and more. https://en.support.wordpress.com/user-roles/ This support doc also explains how you can change other people’s user role.
-
-
According to your site’s logs, the user ratanagarwal8, another admin on the site, added ratan14 as an admin on 29 April – that’s another thing to keep in mind when adding admins is that they can invite new admins as well. ratanagarwal8 again was added by the admin wtalok. Based on your site’s logs you had many more admins than just 4.
It’s not possible to give you a full list of the deleted posts. I suggest you try the Wayback Machine as @justjennifer suggested and compare what you find there with what you still see on your site. Then you can copy the posts from the Wayback Machine, and paste them into new posts on your site. If you manually set the dates back to the original publication dates for those posts they should have the same permalinks once published as the originals had.
You can find the Wayback Machine here:
- The topic ‘Blogs security issue’ is closed to new replies.
WordPress.com Forums 