This Person keeps attacking my websites
-
Good day to all. I am sorry if this topic does not fit into the support forums, but this is important.
This person here named Miranda who is in charge of this website, keeps attacking and hacking my websites that I work on with other people. Here is a post that she posted concerning this. http://ekatclan.wordpress.com/2013/05/13/gar-site-deleted/
This has been getting out of hand, and I request that this user Miranda be banned or given a warning to stop hacking people’s websites. For proof that one of my websites has been deleted, check this link out.
http://galacticzone.wordpress.com/ If a website was to be removed, it must be put to a vote by other owners of the website. However, this was not the case and I believe that Miranda has hacked my friend’s account to delete our website. Only the main owner of the website can delete the website. Anyways, this sort of thing has happened to other people’s websites that my group has contacts with.
So please, send a warning or ban this user.
The blog I need help with is: (visible only to logged in users)
-
Here is a link to a website that was previously deleted by the same person.
http://galacticrepublicclan.wordpress.com/ -
No one can delete any blog unless they are provided with Admin access to the blog, or the owner of the blog provides their log information, or fails to follow security protocol in some other way.
WordPress.com Staff have far better things to do than sorting out battles between those who refuse to follow recommendations when it comes to one Admin per blog and refuse to follow security protocol.
-
P.S. The required age for obtaining a WordPress.com account is 13 years and any 13 year old person or anyone above that age who would buy into crap like:
If a website was to be removed, it must be put to a vote by other owners of the website. However, this was not the case and I believe that Miranda has hacked my friend’s account to delete our website.
rather than following WordPress.com security protocol needs to get another hobby.
-
Go to your email program and change the password to a very difficult one because that’s how many hackers gain access to blogs.
1. If you can log-in go here > Users > All Users and delete any user that does not belong there. While you are at it demote every user other than yourself right down to Author or Contributor status.
2. Disable post by email > http://en.support.wordpress.com/post-by-email/
3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/
4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
6. Set up two step authentication http://en.support.wordpress.com/security/two-step-authentication/
Then read this please knowing that blogs don’t get hacked when security protocols are followed. > http://en.support.wordpress.com/security/
-
We did all that, we followed all security protocols. But no matter what we tried, somebody managed to hack into the account by using programs probably. Then whoever the hacker was gave the information to her.
There was only one admin. The rest were put in as Editors or Authors.
-
Any admin of a website can delete the site. So make sure Miranda isn’t an admin (even under a fake name) and make sure she can’t get into your real Admins’ accounts, by ensuring their email is very secure and the password to their user account is also very secure.
-
And by the way, not my rules on the voting part. The voting was really more if we were planning on changing the website address.
Here, we are actually dealing with a person who can hack into anyone’s account and do serious damage. Feel free to ask somebody from the Raze website. They will tell you that this person Miranda has been doing this for a few months now.
I don’t think she cares at all about WordPress. She probably finds doing these things as entertainment. Give her a warning at least or ban her for a week to make her stop.
-
To raincoaster.
We all use crazy insane long passwords with tons of symbols, numbers, crazy math terms, and formulas. No joke.
-
Well, you’d better change them because either she’s one of the people you authorized or she’s hacked one of them.
-
I’ve been here seven years and not once in that time has anyone managed to gain access to an account by using a brute force program. Not once. Believe me, either you put your trust in the wrong person or you put your trust in a hackable password, either in your WP accounts or in your email.
-
To raincoaster
Don’t look at me, I am not the one getting hacked here. And I am not the one in charge of the website. I am just an editor. Thing is, somebody some how gets access to the website by what ever way they are able to use, and that somebody sends information to Miranda and she gains access.Three days ago, the GAR website received 2 random people as editors. We weren’t even recruiting anyone at that time. As we looked more into this, turns out those two people came from the same clan that Miranda is in, and they are known to hack people.
Going back a few weeks, a guy managed to hack our website into the password protected posts who passwords that are impossible to memorize. An example would be, and note this is fake Mx23!~5667zdagytherivec708^&*$*(*)*^^^7s4
It is just that this has been getting out of hand, and honestly a simple game has turned into a crazy war where now people who follow this Miranda believe that this means a lot and are actually starting to threaten us. Literally threaten us.
Who knows, maybe one of them will get a bright idea to actually go for private information.
As stated before, we take security of our members seriously. We followed all security protocols.
-
You can’t receive people randomly as editors: an Admin must invite them and set them at that level. Which admin did that? If you cannot find out, you have a security leak in your admins.
-
Note that precision counts for a lot in computers. http://galacticrepublicclan.wordpress.com/ for instance, is not deleted.
-
To raincoaster
Before anybody was to be recruited, I was supposed to be told about it. The admin and I were the only two that knew exactly what was going on in the clan. Which leads to one possibility, somebody either put a virus into the admin’s computer that basically reads all information that is being put in, or a program is being used to get the password. In this time, making a program and using it to get somebody’s password seems to be easy to do.
Also, I don’t know if this will help, but I saw a month or two ago that there were ways to actually hack somebody’s account or website on WordPress.com by using out-dated plugins or out-dated themes and so on.
I will see if I can contact the admin and ask him to comment here. He has been busy trying to rebuild another website that got destroyed by Miranda. That other website was a combination of 20 other clans that were also hacked by Miranda. Crazy history, yet entertaining.
But then, there are limits as to how far you can take a game. Making a clan war for fun and pure entertainment cant hurt, but when it comes to actual hacking and threatening people, well that is another story. Other members in my group are trying to get her banned from the game itself. Some events occurred unexpectedly, especially the shift in alliances. One moment Raze was fighting GSA, but after EKAT(Miranda is the leader of this clan) attacked our colony which was GAR and deleted it which is that http://galacticrepublicclan.wordpress.com/ website, things got serious. And then the change in alliances occurred.
An agreement was signed that nobody’s website was to be hacked or deleted, and that the war was to be fought in a series of raids and possibly skirmishes. All for entertainment. When the threats starting coming in, well, that basically changed the whole thing. At least give her a warning or something. Or close the website for a week if at all possible. May be that will tell her to stop being a fool and stop messing with other people. I have a feeling somebody might seriously get hurt if this persists.
-
You are incorrect: the hacks you refer to apply to WordPress.ORG sites, not WordPress.com.
I really have no advice for you about how to play your game. As I said, your site is not deleted. Your posts are almost certainly simply in the Trash. If the point of the game is to triumph against the opposite clan, I’d say you’re simply losing, and almost certainly because you have either too many admins or weak security yourself. One admin per blog is sufficient: any more is a foolish risk.
-
To raincoaster
I am not asking for advice on how to play the game. Funny how, the very same person who said that deleting anyone’s website was wrong started doing it herself.We also have our own spies running as admins on the EKAT site, but we are not deleting it because it is wrong and we don’t take this game seriously, like to the point that it means a lot. I have only joined in a few months ago, and if I knew from the start the people involved, well I would probably not have made this post here.
There is also a chance that the emails could have been hacked and by knowing which email including its password is connected to the website, it will be fairly easy to access the website as someone else and delete it completely. Its one thing if the posts and pages got deleted. We have backups. But its another thing when the whole thing is deleted completely and that the url can no longer be used. That means, we end up having to open a new website and transfer data into it.
By the way, didn’t WordPress use to have this system that the admin that made the website in the first place was the only one who could actually delete it completely and that any other admin didn’t have that option?
-
If you believe the site was hacked, we recommend that you inform the WordPress.com user who was the blog owner that he or she should immediately reset their WordPress.com password. They should then contact us directly for further assistance in recovering the account/blog.
- The topic ‘This Person keeps attacking my websites’ is closed to new replies.
WordPress.com Forums 