Skip to:
Content
Pages
Categories
Search
Top
Bottom

Spammer bypassed group creation

  • Avatar of voopress
    voopress
    Participant

    @voopress

    On my site, I have group creation disabled and users have to fill in a form to have us manually create their group.

    Today, a spammer/hacker bypassed this, created an account then created a group and filled it with spam.

    How can I prevent php files from being directly accessed if this is how that person did this?

Viewing 1 replies (of 1 total)
  • Avatar of @mercime
    @mercime
    Keymaster

    @mercime

    `I have group creation disabled and users have to fill in a form to have us manually create their group.`
    The spammer might have hacked into the Site/Super Admin account. Backup database. Curious what’s the username used by the hacker? Check activity of said “member” and remove/delete anything created by said member then delete from users. Do you still have a username “admin”? Then create another username for your admin account and then demote the “admin” to suscriber in wp-admin or remove completely.

    http://codex.wordpress.org/FAQ_My_site_was_hacked

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.