Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • March 1, 2015 at 12:22 pm #404058
    danaldo

    Dear kriesi-team,

    I have used Enfold for a web project. We obviously got hacked already around November and someone spammed the website with articles. The hacker obviously used one user that he had access to. The user was the user, I had used to give your support team access to the website to check out some changes. I simply forgot to deactivate the user – no doubt, my fault and not blaming you.

    I just wanted to let you know and wondered, if you had someone sneaking into your database, as granting you guys access and using that very user was the only time I had used the user, which obviously was then used to spam the WordPress installation.

    Please have a look at this!

    Looking forward to hearing from you.

    Thanks & Best regards,
    Daniel

    March 2, 2015 at 12:57 pm #404416
    Kriesi

    Hi Daniel!

    If someone would have gotten access to our database, which I really doubt, I think we would have faced similar issues (if not worse, kriesi.at is a Page Rank 7 domain and spam links from high level domains are worth a lot)

    Unfortunately without any more information I guess there is a small chance that we will solve how the user got access to your site. Bruteforcing is definitely an option though…

    Best regards,
    Kriesi

    March 2, 2015 at 7:26 pm #404718
    danaldo

    Glad to hear that you did not face any trouble. Just wanted to rule out that option as well. Probably brute force. Changed the htaccess and blocked the xmlrpc, too.

    Can be closed.

    Thanks for your support!

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • The topic ‘Website with Enfold was hacked using user that I posted in this forum’ is closed to new replies.