Unauthorized person accessing my blog Dashboard
-
Today someone accessed my blogs Dashboard. I contacted the people I have listed as an Editor, and Author and it was not them.
How could anyone else gain access to my Dashboard, and most importantly, how I can prevent this from happening again?
Divinity’s Dad
The blog I need help with is: (visible only to logged in users)
-
I took a screen shot of my dashboard but I can’t seem to attach this to these support posts.
This is very unnerving, as no one other than authorized people should be able to access my blogs dashboard!
-
Some general advice
Hacked Sites
The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.
You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.
Dashboard >> Users
Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.
You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)
There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.
If you are really concerned you could as the staff to look at your site: http://en.support.wordpress.com/contact/
You could also use a secure log-in in case you are on an unsecured link: http://en.support.wordpress.com/https/
What’s the URL of the blog? And how many admins are there? And what kind of hack was pulled?
-
Hello there,
If you suspect an unauthorised access, please change your WordPress.com passwords immediately. Also, ensure all of your blog authors/editors have changed their passwords as well. Please do create and use strong passwords. Also do check if you or your team isn’t accessing the admin console from a shared computer. If you/your team must use a shared computer please ensure all the users log out of their WordPress accounts every time.If you are sure there was an unauthorised access, you can reach out to the staff and they will confirm if there was such an incident.
-
As I stated in my initial post, I have one Editor, and one Author. Neither of them have created a post, nor have either of them even modified a post. They are granted access in case something happens to me, nothing else.
No one other than myself is listed as Administrator. I checked, and no “User” has been added to my blog.
As for passwords, after I read your post I changed the password for my blog.
I do not run Windows, I use Linux on my PC, and IOS 8.1.2 on my iPad.
The blog in question is missdivinity.wordpress.com.
-
-
simplysaru,
I changed my password this morning, and have emailed the other users to do the same.We do not share a computer, the other two users were added should something happen to me. They were not added to generally create posts.
I did see a support thread last week where someone else was having the same issue of their users gaining access to their dashboard.
-
-
When I checked my Stats this morning there was one click for my WordPress Dashboard.
I have a screen shot of this but can’t find a way to attach it to a post.
This has never happened before, nor do I think it should.
-
I am thinking that click was from some other WordPress.com sites dashboard (What’s hot section). Are you sure it was from your dashboard?
-
simplysaru,
That I am not sure. Under Clicks, I just see WordPress Dashboard 1.It would be easier if I could show you a screen shot.
As I’ve said, I’ve not seen this before, and was very concerned when I did.
Thanks for all the help!
-
Under Clicks, I just see WordPress Dashboard 1.
This just means that someone clicked on a link to the WordPress dashboard from your site. If you click on that link to “WordPress Dashboard” it takes you to WordPress.com. That means, someone clicked on a link on your site and went to WordPress.com, likely the link in your footer.
There’s nothing to be concerned about here. Even if they had been directed to your actual dashboard, they would have been blocked as they do not have permission. For example, here’s a link to the dashboard of one of my test sites:
https://testsjr1.wordpress.com/wp-admin/
Go ahead and click on that, and you’ll see the error message.
Let me know if I can clarify anything else!
-
If you want to be super-secure, also change the password to the email associated with your Admin account. But shawnajroberts is probably correct. It’s an old issue, and it does panic some people.
-
I believe that shawnajroberts is correct. And you’re right riancoaster, it is unnerving to see a click to my dashboard!
Thanks everyone!
I’ll set this topic to Resolved.
- The topic ‘Unauthorized person accessing my blog Dashboard’ is closed to new replies.
WordPress.com Forums 