SECURITY BREACH! Please help! Random unknown commenter linked to my dashboard!
-
A commenter called Blogg Ranger posted on the site linked below on August 18th.
I am…
Scroll down to find his comment. Click on his name. It will take you straight to my dashboard! Complete access to my dashboard!
I discovered this about 5 days ago and contacted the “Happiness Engineers” who have not yet responded.
Please get this fixed.
The blog I need help with is: (visible only to logged in users)
-
You will find the comment by Blogg Ranger by first clicking on Older Comments and then scrolling down.
-
This only happens when I’m logged in.
It doesn’t happen on my husband’s computer, only on my computer. Of course I do not know what happens on Blogg Ranger’s computer. I DO know that even on my own computer no comment ever should link to my dashboard.
-
Hi there, The link in that commenter’s username is to “wordpress.com”.
This only happens when I’m logged in.
And that’s the reason. When you are logged in to your WordPress.com account, clicking a link to wordpress.com will bring you to your own site’s dashboard (or your Sites dashboard if you have more than one site).
Anyone else clicking that same link would be brought to their own site’s dashboard if they are logged in to their WordPress.com account. If they are not logged in to WordPress.com, they’ll land on the WordPress.com landing page. You can try that by logging out and clicking the link to wordpress.com in my forum reply.
Hope that helps ease your mind but do let us know if you have any other concern about this.
-
Thank you, that does help. So you’re saying that anyone clicking on his comment on the above linked blog would be taken to their own site, if they have one, or to the landing page if they don’t have one.
I’ve been very puzzled, and a bit stressed by this as I’ve been blogging for 10 years and have never seen anything like this before.
So you’re saying it’s safe for me to approve and respond to his comment on my blog, and the same will happen on my blog – anyone clicking on his comment will be taken to their own blog or to the landing page.
Thank you so much for your help
-
anyone clicking on his comment
The comment itself doesn’t have any link in it, however the link is in his username (Blogg etc.)
So you’re saying it’s safe for me to approve and respond to his comment on my blog, and the same will happen on my blog – anyone clicking on his comment will be taken to their own blog or to the landing page.
If someone has added the address “wordpress.com” on the “Public web address” line of their WordPress.com account profile, it will behave this same way for anyone clicking on their username.
-
Also, keep in mind that a “legitimate” link in a person’s username doesn’t necessarily mean there isn’t a questionable link in the comment they leave, and vice versa.
Here’s more information on that https://akismet.com/support/general/spam-facts/
-
Thank you so much. This has been very helpful.
Sorry I didn’t express myself well. Of course I was referring to the link in the user name, not the comment itself.
I always look into a new commenter before approving, and I’ve never seen it before that the link in their user name took me to my own dashboard so I freaked out, and panicked that this commenter somehow had access to it, and that anyone clicking on his username had access to it. Phew!
So I think it’s all resolved now. I appreciate your help, and for clarifying the situation.
- The topic ‘SECURITY BREACH! Please help! Random unknown commenter linked to my dashboard!’ is closed to new replies.
WordPress.com Forums 