Disable Jetpack

  • Unknown's avatar
    justablog · Member ·

    I want to disable jetpack completely from my WP dot com site. I only use the site to login to comment on other WP com sites. See this: https://www.bleepingcomputer.com/news/security/hackers-find-new-method-of-installing-backdoored-plugins-on-wordpress-sites/

    How can I completely delete this plugin so that I am not subjecting myself to this hack attempt?

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    staartmees · Member ·

    The article you mention is about the open-source WordPress CMS, not about WordPress.com.

  • Unknown's avatar
    justablog · Member ·

    No, it’s not. Please READ the article. In the second paragraph,

    “How this new attack works
    The first step of this attack consists of hackers taking usernames and passwords from public breaches and attempting to log into WordPress.com accounts.”

    So please take another look at my request. I am not stupid. I can read. I asked a simple question based on a valid concern.

    Shall we try again?

  • Unknown's avatar
    justablog · Member ·

    I don’t believe any plugin should be crammed down anyone’s throat especially if the site in question isn’t even being actually used to blog. It was set up to appease folks insisting that I login to a wp dot com account in order to post a comment and to use woo commerce.

  • Unknown's avatar
    staartmees · Member ·

    The security leak is not in wordpress.com. It starts with ‘taking usernames and passwords from public breaches’. So a safe password in combination with two step verfication should do the trick.
    If you need further info, tag this thread with modlook.

  • Unknown's avatar
    justjennifer · Member ·

    Hello there, perhaps this Staff reply from a similar thread will help you:

    There has been some misinformation making the rounds, so to clarify, there has been no security breach for user accounts at WordPress.com. But if someone has your WordPress.com account credentials, they could log in and modify your site.

    WordFence notified us of a malicious plugin being installed on some accounts, so we are investigating and will be in touch with those account owners. We’ll also take steps to ensure that none of our users accidentally install that plugin.

    In the meantime, we encourage all users to pick a strong password and use 2FA. https://en.support.wordpress.com/selecting-a-strong-password/

    If you do have any other question about this, please add the MODLOOK tag for Staff attention.

  • The topic ‘Disable Jetpack’ is closed to new replies.