
Possible security hole [Solved]

  • fizk
    Member

    @fizk

    I’m running a BuddyPress 1.2.8, WordPress Mu 3.1 site and a bot somehow manages to always create accounts, about 5 per day, even though account registration is disabled in /wp-admin/network/settings.php, and for each of my sites.

    For example, the last account created had username “ramonlpa” and email “fidankaisageh@gmail.com”, and was not associated with any site (i.e. the site field is blank).

    This has been happening for a long time. When I first found out, the bot had created 3000 accounts.

    I’m also running bbPress with the WordPress Integration, so the hole might be in bbPress.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Pisanojm
    Participant

    @pisanojm

    Check to see if you have any other “admins” in your users… maybe you have an admin account that has been hacked and they are being generated from the inside?

    Paul Gibbs
    Keymaster

    @djpaul

    bbPress is most likely in your setup

    fizk
    Member

    @fizk

    Pisanojm,

    I don’t have any other admin accounts in my system.

    fizk
    Member

    @fizk

    Paul Gibbs,

    Yes, I have a separate bbPress install that integrates with WordPress via the WordPress Integration.

    fizk
    Member

    @fizk

    Pisanojm, I just changed the password of every account in case they’ve guessed the password for one of the accounts.

    r-a-y
    Moderator

    @r-a-y

    Disable bbPress registration on your external install:

    https://bbpress.org/forums/topic/howto-disable-registration

    fizk
    Member

    @fizk

    r-a-y,

    Thanks, I’ve disabled registration. Hopefully this stops the bots completely.

    fizk
    Member

    @fizk

    r-a-y,

    That seemed to do the trick! Thanks :)

  • The topic ‘Possible security hole [Solved]’ is closed to new replies.