Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #404058

    Dear kriesi-team,

    I have used Enfold for a web project. We obviously got hacked already around November and someone spammed the website with articles. The hacker obviously used one user that he had access to. The user was the user, I had used to give your support team access to the website to check out some changes. I simply forgot to deactivate the user – no doubt, my fault and not blaming you.

    I just wanted to let you know and wondered, if you had someone sneaking into your database, as granting you guys access and using that very user was the only time I had used the user, which obviously was then used to spam the WordPress installation.

    Please have a look at this!

    Looking forward to hearing from you.

    Thanks & Best regards,
    Daniel

    #404416

    Hi Daniel!

    If someone would have gotten access to our database, which I really doubt, I think we would have faced similar issues (if not worse, kriesi.at is a Page Rank 7 domain and spam links from high level domains are worth a lot)

    Unfortunately without any more information I guess there is a small chance that we will solve how the user got access to your site. Bruteforcing is definitely an option though…

    Best regards,
    Kriesi

    #404718

    Glad to hear that you did not face any trouble. Just wanted to rule out that option as well. Probably brute force. Changed the htaccess and blocked the xmlrpc, too.

    Can be closed.

    Thanks for your support!

Viewing 3 posts - 1 through 3 (of 3 total)
  • The topic ‘Website with Enfold was hacked using user that I posted in this forum’ is closed to new replies.