Somebody posted as a post on my account blog what looks like spam. How can this be?
-
And above all, how do I prevent this from happening.
I got a notification congratulating me of a post on ‘nonscript’ but I had not done anything on that blog. Went and verified, and there is was. I saved a screen shot from the tablet.
How is it that somebody is posting in my account in one of my blogs? Let me know.
Anyhow, I will change the password immediately.
The blog I need help with is: (visible only to logged in users)
-
Good morning!
I am sorry that you got hacked. These things do happen at times and you have done the best thing you can by changing your password. WordPress also supports two step authentication which can further protect your blog:
https://en.support.wordpress.com/security/two-step-authentication/You likely know all these things but here are some good reads about passwords:
https://en.support.wordpress.com/passwords/
https://en.support.wordpress.com/selecting-a-strong-password/If you want to delete the post, here is a write-up on that:
https://en.support.wordpress.com/deleted-posts-and-pages/Of course, you could also go ahead and correct the grammar and spelling and change the post to make a statement about how much of a hassle getting hacked is!
Best,
dave -
Thank you for the quick reply. It’s the first time that I got hacked, but I would like to know how that did happen. If the folks at WordPress would clarify that, that would be great.
Measures have now been taken that ought to increase the security of my account. I already had some dispositives in place that allowed me to at least detect the problem very early.
The above mention hack-post was clearly spam or phishing, in all likelihood a bot, and deleted. The post claimed that I had purchased something in iTunes and been charged a certain amount.
-
Please don’t permanently delete the “hacked” post. I’ve tagged this for Staff attention.
These things do happen at times
While @dave2swords has given you good advice about site security, you will also want to check your email password as this is the most common way for such posts to appear. If you have “Post by Email” enabled, you may wish to disable it or change the secret email address.
-
Right. I suspected as much. The offending hacked post is under the trashed posts in the nonscript.wordpress.com so that WordPress may look into it.
Thank you.
-
Hi there,
As @justjennifer correctly guessed, that post was published using the Post By Email feature. If you enable post by email, anyone who has the secret email address will be able to use it to publish posts to your site.
You can generate a new Post By Email address at the link below, or disable it completely if you don’t use it to prevent something like this from happening again:
https://nonscript.wordpress.com/wp-admin/index.php?page=my-blogs
-
Thanks @kokkieh and @justjennifer . Yes, all done now: different security parameters in place. No more email posting which must have been some relic of yesteryear.
Excellent response times. Kudos to WordPress folks.
-
-
- The topic ‘Somebody posted as a post on my account blog what looks like spam. How can this be?’ is closed to new replies.
WordPress.com Forums 